Authentication method, authentication system, authentication device, and module for authentication

ABSTRACT

An authentication method capable of authenticating a user using bio-information for a broad range of users having a variety of physical characteristics is provided. An authentication apparatus reads out a user ID from an authentication card  14,  an authentication apparatus  15  reads out the designated type of bio-information among bio-information corresponding to the read out user ID from a storing means provided in the authentication apparatus  15,  the authentication apparatus  15  detects the designated type of bio-information from the user, and the authentication apparatus  15  compares the read out bio-information with the detected bio-information and authenticates the legitimacy of the user based on the result of the comparison.

TECHNICAL FIELD

[0001] The present invention relates to an authentication method, an authentication system, an authentication apparatus, and an authentication module for user authentication using bio-information.

BACKGROUND ART

[0002] In transactions using bank ATMs and network transactions using personal computers, the legitimacy of the user is authenticated by using an authentication card provided with, for example an IC (integrated circuit) or magnetic strip.

[0003] In the authentication by such an authentication card, for example, the user loads the authentication card in the authentication apparatus of the ATM, personal computer, etc. and inputs a password. Then, the authentication apparatus compares the password read out from the authentication card with the password input by the user and authenticates that the user is the person in question if they coincide.

[0004] It is necessary to set a number of digits of the password used in the authentication which can be easily remembered by the user, so it usually consists of four digits.

[0005] In the conventional authentication method, however, since the password used for the authentication has about four digits, there is a problem in that the number of digits is not sufficient from the viewpoint of security.

[0006] In order to solve such a problem, in recent years, an authentication system for authenticating the person in question by using bio-information such as a fingerprint or voice of the user has been developed.

[0007] In such an authentication system, the user is authenticated by using one type of bio-information determined in advance.

[0008] However, according to some physical characteristics of the user, the bio-information cannot be suitably detected in some cases. Also, according to the type of the apparatus where the authentication apparatus is used, the type of detecting means for detecting the bio-information differs in some cases. If only one type of bio-information can be handled, there is a problem that the apparatuses which can employ the authentication system end up being limited.

DISCLOSURE OF THE INVENTION

[0009] The present invention has been made in view of the problems of the above-mentioned prior art and has as an object thereof to provide an authentication method, an authentication system, an authentication apparatus, and an authentication module capable of authenticating a user using bio-information for a wide range of users having a variety of physical characteristics.

[0010] Another object of the present invention is to provide an authentication method, an authentication system, an authentication apparatus, and an authentication module making it possible to authenticate a user using a plurality of apparatuses provided with detecting means capable of detecting different bio-information.

[0011] An authentication method of a first aspect of the invention is an authentication method for authenticating a user by using an authentication module which is portable, wherein a controlling means reads out a designated type of bio-information from among a plurality of types of bio-information of the user stored in a storing means, a detecting means detects the designated type of bio-information from the user, and an authenticating means compares the bio-information read out from the storing means with the bio-information read out by the detecting means and authenticates the legitimacy of the user based on a result of the comparison.

[0012] According to the authentication method of the first aspect of the invention, a plurality of types of bio-information for users are prepared, and the authentication processing using the designated bio-information is carried out in accordance with request. For this reason, a user can be authenticated with a high reliability by using suitable bio-information in accordance with the physical characteristics of the user. Namely, the possibility of recognizing (authenticating) a person in question as not the person in question or recognizing that a user not the person in question is the person in question can be lowered.

[0013] Also, according to the authentication method of the first aspect of the invention, it becomes possible to perform the authentication using bio-information without providing a dedicated detecting means for authentication in accordance with the type of detecting means provided in the apparatus.

[0014] In the authentication method of the first aspect of the invention, preferably, the bio-information is at least one information of fingerprint information, voice information, handwriting information, face contour information, iris information, retinal information, palm information, earlobe information, and vein pattern information.

[0015] Note that in the authentication method of the first aspect of the invention, for example, it is also possible not to perform the authentication using the bio-information in response to an instruction.

[0016] An authentication apparatus of a second aspect of the invention is an authentication apparatus for authenticating a user by using an authentication module which is portable, and stores identification information for identifying the user or the authentication module, having a storing means for storing a plurality of types information of the user linked with the identification information, a reading means for reading the identification information from the authentication module, a detecting means for detecting the designated type of bio-information from the user, and an authenticating means for reading the designated type of bio-information among the bio-information corresponding to the identification information read out by the reading means from the storing means, comparing the read out bio-information with the bio-information detected by the detecting means, and authenticating the legitimacy of the user based on the result of the comparison.

[0017] The mode of operation of the authentication apparatus of the second aspect of the invention becomes as follows:

[0018] The identification information is read out from the authentication module by the reading means.

[0019] Also, the designated type of bio-information is detected from the user by the detecting means.

[0020] Next, by the authenticating means, the designated type of bio-information among the bio-information corresponding to the identification information read out by the reading means is read out from the storing means, the read out bio-information and the bio-information detected by the detecting means are compared, and the legitimacy of the user is authenticated based on the result of the comparison.

[0021] An authentication method of a third aspect of the invention is an authentication method for authenticating a user by using an authentication module which is portable and stores identification information for identifying the user or the authentication module, and an authentication apparatus, wherein the authentication apparatus reads out the identification information from the authentication module, reads out the designated type of bio-information among the bio-information corresponding to the read out identification information from the storing means provided in the authentication apparatus, detects the designated type of bio-information from the user, and compares the read out bio-information with the detected bio-information and authenticates the legitimacy of the user based on the result of the comparison.

[0022] The authentication method of the third aspect of the invention is a method corresponding to the authentication apparatus of the second aspect of the invention.

[0023] An authentication system of a fourth aspect of the invention is an authentication system having at least two authentication apparatuses including a first authentication apparatus and a second authentication apparatus for authenticating a user using an authentication module which is portable and stores identification information for identifying a user or the authentication module, wherein the first authentication apparatus has a first storing means for storing a first type of bio-information of the user linked with the identification information, a first reading means for reading the identification information from the authentication module, a first detecting means for detecting the first type of bio-information from the user, and a first authenticating means for comparing the bio-information corresponding to the identification information read out by the first reading means with the bio-information detected by the first detecting means and authenticating the legitimacy of the user based on the result of the comparison, and the second authentication apparatus has a second storing means for storing a second type of bio-information of the user linked with the identification information, a second reading means for reading out the identification information from the authentication module, a second detecting means for detecting the second type of bio-information from the user, and a second authenticating means for comparing the bio-information corresponding to the identification information read out by the second reading means with the bio-information detected by the second detecting means and authenticating the legitimacy of the user based on the result of the comparison.

[0024] The mode of operation of the authentication system of the fourth aspect of the invention becomes as follows.

[0025] When authenticating the user by using the first authentication apparatus, the identification information is read out from the authentication module by the first reading means.

[0026] Next, the first type of bio-information corresponding to the read out identification information is read out from the first storing means by the first authenticating means.

[0027] Also, the first type of bio-information is detected from the user by the first detecting means.

[0028] Next, the read out first type of bio-information and the first type of bio-information detected by the first detecting means are compared and the legitimacy of the user is authenticated based on the result of the comparison by the first authenticating means.

[0029] On the other hand, when authenticating the user by using the second authentication apparatus, the identification information is read out from the authentication module by the second reading means.

[0030] Next, the second type of bio-information corresponding to the read out identification information is read out from the second storing means by the second authenticating means.

[0031] Also, the second type of bio-information is detected from the user by the second detecting means.

[0032] Next, the read out second type of bio-information and the second type of bio-information detected by the second detecting means are compared and the legitimacy of the user is authenticated based on the result of the comparison by the second authenticating means.

[0033] An authentication method of a fifth aspect of the invention is an authentication method for authenticating a user by using an authentication module which is portable and stores identification information for identifying a user or the authentication module, and at least two authentication apparatuses including a first authentication apparatus and a second authentication apparatus for authenticating the user, wherein the first authentication apparatus reads out the identification information from the authentication module, the first authentication apparatus detects the first type of bio-information from the user, the first authentication apparatus reads out the first type of bio-information corresponding to the read out identification information from the first storing means provided in the first authentication apparatus, the first authentication apparatus compares the read out first type of bio-information with the detected first type of bio-information and authenticates the legitimacy of the user based on the result of the comparison, and the second authentication apparatus reads out the identification information from the authentication module, the second authentication apparatus detects the second type of bio-information from the user, reads out the second type of bio-information corresponding to the read out identification information from the second storing means provided in the second authentication apparatus, and the second authentication apparatus compares the read out second type of bio-information with the detected second type of bio-information and authenticates the legitimacy of the user based on the result of the comparison.

[0034] The authentication method of the fifth aspect of the invention is a method corresponding to the authentication system of the fourth aspect of the invention.

[0035] An authentication system of a sixth aspect of the invention is an authentication system having an authentication apparatus for authenticating a user by using an authentication module which is portable and stores identification information for identifying the user or the authentication module, and a server device for storing the bio-information of the user, wherein the server device stores a plurality of types of bio-information of the user linked with the identification information, and the authentication apparatus has a reading means for reading the identification information from the authentication module, a detecting means for detecting the type of bio-information used for authentication from the user, and an authenticating means for requesting the bio-information used for the authentication among the bio-information corresponding to the identification information read out by the reading means to the server device, receiving the bio-information from the server device in response to the request, comparing the bio-information received from the server device with the bio-information detected by the detecting means, and authenticating the legitimacy of the user based on the result of the comparison.

[0036] According to the authentication system of the sixth aspect of the invention, in the authentication system of the fourth aspect of the invention mentioned above, the first authentication apparatus and the second authentication apparatus receive bio-information of the user from the server device.

[0037] An authentication method of a seventh aspect of the invention is an authentication method for authenticating a user by using an authentication apparatus using an authentication module which is portable and stores the identification information for identifying the user or the authentication module, and a server device for storing the bio-information of the user, wherein the server device stores a plurality of types of bio-information of the user linked with the identification information, the authentication apparatus reads out the identification information from the authentication module, detects the type of the bio-information used for authentication from the user, requests the bio-information used for the authentication among the bio-information corresponding to the read out identification information to the server device, the server device transmits the bio-information used for the authentication to the authentication apparatus in response to the request, and the authentication apparatus compares the bio-information received from the server device with the detected bio-information and authenticates the legitimacy of the user based on the result of the comparison.

[0038] The seventh aspect of the invention is an authentication method corresponding to the authentication system of the sixth aspect of the invention.

[0039] An authentication system of an eighth aspect of the invention is an authentication system having a first authentication module and a second authentication module which is portable can be used and carried by a user and a processing device for processing based on the result of the authentication of the user using the first authentication module and the second authentication module, wherein the first authentication module has a first storing means for storing first identification information for identifying the user or the first authentication module and a first authenticating means for comparing the first type of bio-information of the user detected by the processing device with the first type of bio-information corresponding to the first identification information stored in the first storing means, authenticating the legitimacy of the user based on the result of the comparison, and outputting the result of the authentication to the processing device, the second authentication module has a second storing means for storing second identification information for identifying the user or the second authentication module and a second authenticating means for comparing the second type of bio-information of the user detected by the processing device with the second type of bio-information corresponding to the second identification information stored in the second storing means, authenticating the legitimacy of the second user based on the result of the comparison, and outputting the result of the authentication to the processing device, the processing device has a storing means for storing the first type of bio-information of the user linked with the first identification information and storing the second type of bio-information of the user linked with the second identification information, a reading means for reading the first identification information and the second identification information from the first authentication module and the second authentication module, a first detecting means for detecting the first type of bio-information from the user, a second detecting means for detecting the second type of bio-information from the user, an outputting means for outputting the first type of bio-information of the user stored in the storing means and the bio-information detected at the first detecting means to the first authentication module and outputting the second type of bio-information of the user and the bio-information detected at the second detecting means to the second authentication module, and a processing means for processing based on results of the authentication input from the first authentication module and the second authentication module.

[0040] The mode of operation of the authentication system of the eighth aspect of the invention becomes as follows.

[0041] When the processing device authenticates the user by using the first authentication module, the reading means of the processing device reads out the first identification information for identifying the first authentication module or the user of the first authentication module from the first authentication module.

[0042] Next, in the processing device, the first type of bio-information corresponding to the read out first identification information is read out from the storing means.

[0043] Also, the first detecting means of the processing device detects the first type of bio-information from the user.

[0044] Next, the outputting means of the processing device outputs the read out first type of bio-information and the detected first type of bio-information to the first authentication module.

[0045] Next, the first authenticating means of the first authentication module compares the bio-information input from the processing device, authenticates the legitimacy of the user based on the result of the comparison, and outputs the result of the authentication to the processing device.

[0046] Next, the processing means of the processing device performs processing based on the result of the authentication input from the first authentication module.

[0047] On the other hand, when the processing device authenticates the user by using the second authentication module, the reading means of the processing device reads out the second identification information for identifying the second authentication module or the user of the second authentication module from the second authentication module.

[0048] Next, in the processing device, the second type of bio-information corresponding to the read out second identification information is read out from the storing means.

[0049] Also, the second detecting means of the processing device detects the second type of bio-information from the user.

[0050] Next, the outputting means of the processing device outputs the read out second type of bio-information and the detected second type of bio-information to the second authentication module.

[0051] Next, the second authenticating means of the second authentication module compares the bio-information input from the processing device, authenticates the legitimacy of the user based on the result of the comparison, and outputs the result of the authentication to the processing device.

[0052] Next, the processing means of the processing device performs the processing based on the result of the authentication input from the second authentication module.

[0053] An authentication method of a ninth aspect of the invention is an authentication method using a first authentication module and a second authentication module which can be used and carried by a user and a processing device for performing the processing based on the result of the authentication of the user using the first authentication module and the second authentication module, wherein, when the processing device authenticates the user by using the first authentication module, the processing device reads out from the first authentication module first identification information for identifying the first authentication module or the user of the first authentication module from the first authentication module, the processing device reads out the first type of bio-information corresponding to the read out first identification information from the storing means provided in the processing device, the processing device detects the first type of bio-information from the user, and outputs the read out first type of bio-information and the detected first type of bio-information to the first authentication module, the first authentication module compares the bio-information input from the processing device, authenticates the legitimacy of the user based on the result of the comparison, and outputs the result of the authentication to the processing device, and the processing device performs the processing based on the result of the authentication input from the first authentication module, while when the processing device authenticates the user by using the second authentication module, the processing device reads out from the second authentication module second identification information for identifying the second authentication module or the user of the second authentication module, reads out from the storing means provided therein the second type of bio-information corresponding to the read out second identification information, detects the second type of bio-information from the user, and outputs the read out second type of bio-information and the detected second type of bio-information to the second authentication module, the second authentication module compares the bio-information input from the processing device, authenticates the legitimacy of the user based on the result of the comparison, and outputs the result of the authentication to the processing device, and the processing device performs the processing based on the result of the authentication input from the second authentication module.

[0054] The authentication method of the ninth aspect of the invention is a method corresponding to the authentication system of the eighth aspect of the invention.

[0055] An authentication system of a 10th aspect of the invention is an authentication system having a first authentication module and a second authentication module which can be used and carried by a user, a server device for storing the bio-information of the user and having a processing device for performing the processing based on the result of the authentication of the user using the first authentication module and the second authentication module, wherein the first authentication module has a first storing means for storing first identification information for identifying the user or the first authentication module and a first authenticating means for comparing the first type of bio-information of the user detected by the processing device with the first type of bio-information input from the processing device, authenticating the legitimacy of the user based on the result of the comparison, and outputting the result of the authentication to the processing device, the second authentication module has a second storing means for storing second identification information for identifying the user or the second authentication module and a second authenticating means for comparing the second type of bio-information of the user detected by the processing device with the second type of bio-information input from the processing device, authenticating the legitimacy of the user based on the result of the comparison, and outputting the result of the authentication to the processing device, the server device stores the first type of bio-information of the user linked with the first identification information and stores the second type of bio-information of the user linked with the second identification information, and the processing device has a first reading means for reading the first identification information and the second identification information from the first authentication module and the second authentication module, a first detecting means for detecting the first type of bio-information from the user, a second detecting means for detecting the second type of bio-information from the user, an outputting means for outputting the first type of bio-information of the user received from the server device and the bio-information detected by the first detecting means to the first authentication module when the first authentication module is to be used, while outputting the second type of bio-information of the user received from the server device and the bio-information detected by the second detecting means to the second authentication module when the second authentication module is to be used, and a processing means for performing the processing based on the result of the authentication input from the first authentication module and the second authentication module.

[0056] According to the authentication system of the 10th aspect of the invention, in the authentication system of the eighth aspect of the invention, the first authentication module and the second authentication module receive the bio-information of the user from the server device via the processing device.

[0057] An authentication method of an 11th aspect of the invention is an authentication method using a first authentication module and a second authentication module which can be used and carried by a user, a processing device for performing the processing based on the result of the authentication of the user using the first authentication module and the second authentication module and using a server device, wherein when the processing device authenticates the user by using the first authentication module, the processing device reads out from the first authentication module first identification information for identifying the first authentication module or the user of the first authentication module, and requests the first type of bio-information corresponding to the first identification information to the server device, the server device transmits the first type of bio-information corresponding to the first identification information to the processing device in response to the request, the processing device detects the first type of bio-information from the user, outputs the first type of bio-information received from the server device and the detected first type of bio-information to the first authentication module, the first authentication module compares the bio-information input from the processing device, authenticates the legitimacy of the user based on the result of the comparison, and outputs the result of the authentication to the processing device, and the processing device performs the processing based on the result of the authentication input from the first authentication module, while when the first processing device authenticates the user by using the second authentication module, the processing device requests the second type of bio-information corresponding to the second identification information to the server device, the server device transmits the first type of bio-information corresponding to the second identification information to the processing device in response to the request, the processing device detects the second type of bio-information from the user, and outputs the second type of bio-information received from the server device and the detected second type of bio-information to the second authentication module, the second authentication module compares the bio-information input from the processing device, authenticates the legitimacy of the user based on the result of the comparison, and outputs the result of the authentication to the processing device, and the processing device performs the processing based on the result of the authentication input from the second authentication module.

[0058] The authentication method of the 11th aspect of the invention is a method corresponding to the 10th authentication system.

[0059] An authentication system of a 12th aspect of the invention is an authentication system having an authentication module which can be used and carried by a user and a plurality of processing devices including a first processing device and a second processing device for performing processing based on the result of authentication of the user using the authentication module, wherein the authentication module has a storing means for storing identification information for identifying the user or the authentication module and an authenticating means for comparing, when the authentication is carried out by using the first processing device, first type of bio-information of the user detected by the first processing device with the first type of bio-information corresponding to the identification information stored in the first processing device, authenticating the legitimacy of the user based on the result of the comparison, and outputting the result of the authentication to the first processing device, while comparing, when the authentication is carried out by using the second processing device, second type of bio-information of the user detected by the second processing device with the second type of bio-information corresponding to the identification information stored in the second processing device, authenticating the legitimacy of the user based on the result of the comparison, and outputting the result of the authentication to the second processing device, the first processing device has a first storing means for storing the first type of bio-information of the user linked with the identification information, a first reading means for reading the identification information from the authentication module, a first detecting means for detecting the first type of bio-information from the user, a first outputting means for outputting bio-information stored in the first storing means and corresponds to the identification information, and outputting the bio-information detected at the first detecting means to the authentication module, and a first processing means for performing the processing based on the result of the authentication input from the authentication module, and the second processing device has a second storing means for storing the second type of bio-information of the user linked with the identification information, a second reading means for reading the identification information from the authentication module, a second detecting means for detecting the second type of bio-information from the user, a second outputting means for outputting bio-information stored in the second storing means and corresponds to the identification information, and outputting the bio-information detected at the second detecting means to the authentication module, and a second processing means for performing the processing based on the result of the authentication input from the authentication module.

[0060] The mode of operation of the authentication system of the 12th aspect of the invention becomes as follows.

[0061] In the authentication system, when the authentication is carried out by using the authentication module-and the first processing device, the first reading means of the first processing device reads out the identification information for identifying the user or the authentication module from the storing means of the authentication module.

[0062] Next, the first outputting means of the first processing device reads out the first type of bio-information corresponding to the read out identification information from the first storing means provided in the first processing device.

[0063] Next, the first detecting means of the first processing device detects the first type of bio-information from the user.

[0064] Next, the first outputting means of the first processing device outputs the read out first type of bio-information and the detected first type of bio-information to the authentication module.

[0065] Next, the authenticating means of the authentication module compares the bio-information input from the first processing device, authenticates the legitimacy of the user based on the result of the comparison, and outputs the result of the authentication to the first processing device.

[0066] Next, the first processing means of the first processing device performs the processing based on the result of the authentication input from the authentication module.

[0067] On the other hand, in the authentication system, when the authentication is carried out by using the authentication module and the second processing device, the second reading means of the second processing device reads out the identification information for identifying the user or the authentication module from the storing means of the authentication module.

[0068] Next, the second outputting means of the second processing device reads out the second type of bio-information corresponding to the read out identification information from the second storing means provided in the second processing device.

[0069] Next, the second detecting means of the second processing device detects the second type of bio-information from the user.

[0070] Next, the second outputting means of the second processing device outputs the read out second type of bio-information and the detected second type of bio-information to the authentication module.

[0071] Next, the authenticating means of the authentication module compares the bio-information input from the second processing device, authenticates the legitimacy of the user based on the result of the comparison, and outputs the result of the authentication to the second processing device.

[0072] Next, the second processing means of the second processing device performs the processing based on the result of the authentication input from the authentication module.

[0073] An authentication method of a 13th aspect of the invention is an authentication method having an authentication module which can be used and carried by a user and a plurality of processing devices including a first processing device and a second processing device for performing processing based on the result of authentication of the user using the authentication module, wherein, when carrying out the authentication by using the authentication module and the first processing apparatus, the first processing device reads out identification information for identifying the user or the authentication module from the authentication module, reads out a first type of bio-information corresponding to the read out identification information from a first storing means provided in the first processing device, detects the first type of bio-information from the user, and outputs the read out first type of bio-information and the detected first type of bio-information to the authentication module, the authentication module compares the bio-information input from the first processing device, authenticates the legitimacy of the user based on the result of the comparison, and outputs the result of the authentication to the first processing device, and the first processing device performs the processing based on the result of the authentication input from the authentication module, while when carrying out the authentication by using the authentication module and the second processing device, the second processing device reads out identification information for identifying the user or the authentication module from the authentication module, reads out a second type of bio-information corresponding to the read out identification information from a second storing means provided in the second processing device, detects the second type of bio-information from the user, and outputs the read out second type of bio-information and the detected second type of bio-information to the authentication module, the authentication module compares the bio-information input from the second processing device, authenticates the legitimacy of the user based on the result of the comparison, and outputs the result of the authentication to the second processing device, and the second processing device performs the processing based on the result of the authentication input from the authentication module.

[0074] An authentication system of a 14th aspect of the invention is an authentication system having an authentication module which can be used and carried by a user, a server device for storing bio-information of the user, and a plurality of processing devices including a first processing device and a second processing device for performing processing based on the result of authentication of the user using the authentication module, wherein the authentication module has a storing means for storing identification information for identifying the user or the authentication module and an authenticating means for comparing, when the authentication is carried out by using the first processing device, a first type of bio-information of the user detected by the first processing device with the bio-information input from the first processing device, that is, the first type of bio-information corresponding to the identification information, authenticating the legitimacy of the user based on the result of the comparison, outputting the result of the authentication to the first processing device, while comparing, when the authentication is carried out by using the second processing device, a second type of bio-information of the user detected by the second processing device with the bio-information input from the second processing device, that is, the second type of bio-information corresponding to the identification information, authenticating the legitimacy of the user based on the result of the comparison, and outputting the result of the authentication to the second processing device, the server device stores the first type of bio-information of the user linked with the first identification information and stores the second type of bio-information of the user linked with the second identification information, the first processing device has a first reading means for reading the identification information from the authentication module, a first detecting means for detecting the first type of bio-information from the user, a first outputting means for receiving the first type of bio-information of the user from the server device and outputting the bio-information received from the server device and the bio-information detected at the first detecting means to the authentication module, and a first processing means for performing the processing based on the result of the authentication input from the authentication module, and the second processing device has a second reading means for reading the identification information from the authentication module, a second detecting means for detecting the second type of bio-information from the user, a second outputting means for receiving the second type of bio-information of the user from the server device and outputting the bio-information received from the server device and the bio-information detected at the second detecting means to the authentication module, and a second processing means for performing the processing based on the result of the authentication input from the authentication module.

[0075] According to the authentication system of the 14th aspect of the invention, in the authentication system of the 12th aspect of the invention, the authentication module receives the bio-information of the user from the server device via the first processing device or the second processing device.

[0076] An authentication method of a 15th aspect of the invention is an authentication method for authenticating a user by using an authentication module which can be used and carried by the user, a plurality of processing devices including a first processing device and second processing device for performing processing based on the result of the authentication of the user using the authentication module and a server device for storing the bio-information of the user, wherein when carrying out the authentication by using the authentication module and the first processing device, the first processing device reads out the identification information for identifying the user or the authentication module from the authentication module, and requests the first type of bio-information corresponding to the read out identification information to the server device, the server device transmits a first type of bio-information corresponding to the identification information to the first processing device, the first processing device detects the first type of bio-information from the user, and outputs the first type of bio-information received from the server device and the detected first type of bio-information to the authentication module, the authentication module compares the bio-information input from the first processing device, authenticates the legitimacy of the user based on the result of the comparison, and outputs the result of the authentication to the first processing device, and the first processing device performs the processing based on the result of the authentication input from the authentication module, while, when carrying out the authentication by using the authentication module and the second processing device, the second processing device reads out the identification information for identifying the user or the authentication module from the authentication module, and requests a second type of bio-information corresponding to the read out identification information to the server device, the server device transmits the second type of bio-information corresponding to the identification information to the second processing device, the second processing device detects the second type of bio-information from the user, the second processing device outputs the second type of bio-information received from the server device and the detected second type of bio-information to the authentication module, the authentication module compares the bio-information input from the second processing device, authenticates the legitimacy of the user based on the result of the comparison, and outputs the result of the authentication to the second processing device, and the second processing device performs the processing based on the result of the authentication input from the authentication module.

[0077] An authentication apparatus of a 16th aspect of the invention is an authentication apparatus for authenticating a user by using an authentication module which is portable and stores a plurality of bio-information of the user therein, having a detecting means for detecting bio-information corresponding to at least one type of the plurality of types from the user, a reading means for reading the bio-information corresponding to the type of the bio-information detected by the detecting means from the authentication module, and an authenticating means for comparing the bio-information detected by the detecting means and the bio-information read out by the reading means and authenticating the legitimacy of the user based on the result of the comparison.

[0078] The mode of operation of the authentication apparatus of the 16th aspect of the invention becomes as follows.

[0079] The bio-information corresponding to at least one type of the plurality of types is detected from the user by the detecting means.

[0080] Also, the bio-information corresponding to the detected type of bio-information is read out from the authentication module by the reading means.

[0081] Next, the authenticating means compares the detected bio-information and the read out bio-information, and the legitimacy of the user is authenticated based on the result of the comparison.

[0082] The authentication apparatus of the 16th aspect of the invention preferably further has a decoding means for decoding the read out bio-information by using predetermined decoding key information when encrypted bio-information is stored in the authentication module.

[0083] An authentication system of a 17th aspect of the invention is an authentication system having an authentication module which is portable and having an authentication apparatus for authenticating the user by using the authentication module, wherein the authentication module stores a plurality of types of bio-information, and the authentication apparatus has a detecting means for detecting the bio-information corresponding to at least one type of the plurality of types from the user, a reading means for reading the bio-information corresponding to the type of the bio-information detected by the detecting means from the authentication module, and an authenticating means for comparing the bio-information detected by the detecting means with the bio-information read out by the reading means and authenticating the legitimacy of the user based on the result of the comparison.

[0084] The authentication system of the 17th aspect of the invention is an authentication system provided with the authentication apparatus of the 16th aspect of the invention.

[0085] An authentication method of an 18th aspect of the invention is an authentication method for authenticating a user by using an authentication module which is portable and stores a plurality of types of bio-information of the user therein, comprising the steps of detecting the bio-information corresponding to at least one type of the plurality of types from the user, reading the bio-information corresponding to the detected type of bio-information from the authentication module, comparing the detected bio-information with the read out bio-information, and authenticating the legitimacy of the user based on the result of the comparison.

[0086] An authentication system of a 19th aspect of the invention is an authentication system having an authentication module which is portable and a processing device, wherein the authentication module has a storing means for storing a plurality of types of bio-information, an inputting means for inputting the bio-information of the user from the processing device, and an authenticating means for reading the bio-information of the same type as the bio-information input by the inputting means from the storing mean, comparing the read out bio-information with the bio-information input from the inputting means, and authenticating the legitimacy of the user based on the result of the comparison, and the processing device has a detecting means for detecting the bio-information from the user and an outputting means for outputting the detected bio-information to the authentication module.

[0087] The mode of operation of the authentication system of the 19th aspect of the invention becomes as follows.

[0088] In the authentication method for authenticating a user by using an authentication module which is portable and a processing device, the detecting means of the processing device detects the bio-information of the user.

[0089] Next, the outputting means of the processing device outputs the detected bio-information to the authentication module.

[0090] Next, the authenticating means of the authentication module reads out the bio-information of the same type as the bio-information input from the processing device from the storing means provided in the authentication module.

[0091] Next, the authenticating means of the authentication module compares the read out bio-information with the bio-information input from the processing device and authenticates the legitimacy of the user based on the result of the comparison.

[0092] The authentication system of the 19th aspect of the invention preferably further has a decoding means for decoding the read out bio-information by using the predetermined decoding key information when encrypted bio-information is stored in the storing means.

[0093] An authentication module of a 20th aspect of the invention is an authentication module which is portable and authenticates the user by inputting and outputting bio-information with the processing device, having a storing means for storing a plurality of types of bio-information, an inputting means for inputting the bio-information of the user from the processing device, and an authenticating means for reading the same type of bio-information as the bio-information input by the inputting means from the storing means, comparing the read out bio-information with the bio-information input from the inputting means, and authenticating the legitimacy of the user based on the result of the comparison.

[0094] An authentication method of a 21st aspect of the invention is an authentication method for authenticating a user by using an authentication module which is portable and a processing device, wherein the processing device detects the bio-information of the user, and outputs the detected bio-information to the authentication module, the authentication module reads out the same type of bio-information as the bio-information input from the processing device from the storing means provided in the authentication module, and the authentication module compares the read out bio-information with the bio-information input from the processing device, and authenticates the legitimacy of the user based on the result of the comparison.

[0095] The authentication method of the 21st aspect of the invention is a method corresponding to the authentication system of the 20th aspect of the invention.

[0096] Note that, in the first to 21st aspects of the invention, for example, it is also possible not to perform the authentication using the corresponding bio-information in response to an instruction.

BRIEF DESCRIPTION OF THE DRAWINGS

[0097]FIG. 1 is a flow chart for explaining authentication processing of a first embodiment of the present invention.

[0098]FIG. 2 is a flow chart for explaining another authentication processing of the first embodiment of the present invention.

[0099]FIG. 3 is an overall view illustrating the configuration of an authentication system of a second embodiment of the present invention.

[0100]FIG. 4 is a view for explaining an authentication card shown in FIG. 3.

[0101]FIG. 5 is a functional block diagram illustrating an authentication apparatus shown in FIG. 3.

[0102]FIG. 6 is a view for explaining information stored in a storage unit shown in FIG. 3.

[0103]FIG. 7 is a flow chart for explaining an example of the operation of the authentication system shown in FIG. 3.

[0104]FIG. 8 is a flow chart for explaining another example of the operation of the authentication system shown in FIG. 3.

[0105]FIG. 9 is an overall view illustrating the configuration of the authentication system of a third embodiment of the present invention.

[0106]FIG. 10 is a functional block diagram illustrating an authentication apparatus 15 a shown in FIG. 9.

[0107]FIG. 11 is a functional block diagram illustrating an authentication apparatus 15 b shown in FIG. 9.

[0108]FIG. 12 is a flow chart for explaining an example of the operation of the authentication system shown in FIG. 9.

[0109]FIG. 13 is a flow chart for explaining another example of the operation of the authentication system shown in FIG. 9.

[0110]FIG. 14 is an overall view illustrating the configuration of the authentication system of a fourth embodiment of the present invention.

[0111]FIG. 15 is a functional block diagram illustrating an authentication apparatus 115 a shown in FIG. 14.

[0112]FIG. 16 is a functional block diagram of the authentication apparatus 115 b shown in FIG. 14.

[0113]FIG. 17 is a flow chart for explaining an example of the operation of the authentication system shown in FIG. 14.

[0114]FIG. 18 is a flow chart for explaining another example of the operation of the authentication system shown in FIG. 14.

[0115]FIG. 19 is an overall view illustrating the configuration of the authentication system of a fifth embodiment of the present invention.

[0116]FIG. 20 is a view for explaining an authentication card 214 a shown in FIG. 19.

[0117]FIG. 21 is a view for explaining an authentication card 214 b shown in FIG. 19.

[0118]FIG. 22 is a functional block diagram illustrating the processing device shown in FIG. 19.

[0119]FIG. 23 is a view for explaining the information stored in a storage unit shown in FIG. 22.

[0120]FIG. 24 is a flow chart for explaining an example of the operation of the authentication system shown in FIG. 19.

[0121]FIG. 25 is a flow chart for explaining another example of the operation of the authentication system shown in FIG. 19.

[0122]FIG. 26 is an overall view illustrating the configuration of the authentication system of a sixth embodiment of the present invention.

[0123]FIG. 27 is a functional block diagram illustrating the processing device shown in FIG. 26.

[0124]FIG. 28 is a flow chart for explaining an example of the operation of the authentication system shown in FIG. 26.

[0125]FIG. 29 is a flow chart for explaining another example of the operation of the authentication system shown in FIG. 26.

[0126]FIG. 30 is an overall view illustrating the configuration of the authentication system of a seventh embodiment of the present invention.

[0127]FIG. 31 is a view for explaining the authentication card shown in FIG. 30.

[0128]FIG. 32 is a functional block diagram illustrating a processing device 415 a shown in FIG. 30.

[0129]FIG. 33 is a functional block diagram illustrating a processing device 415 b shown in FIG. 30.

[0130]FIG. 34 is a flow chart for explaining an example of the operation of the authentication system shown in FIG. 30.

[0131]FIG. 35 is a flow chart for explaining another example of the operation of the authentication system shown in FIG. 30.

[0132]FIG. 36 is an overall view illustrating the configuration of the authentication system of an eighth embodiment of the present invention.

[0133]FIG. 37 is a functional block diagram illustrating a processing device 515 a shown in FIG. 36.

[0134]FIG. 38 is a functional block diagram illustrating a processing device 515 b shown in FIG. 36.

[0135]FIG. 39 is a flow chart for explaining an example of the operation of the authentication system shown in FIG. 36.

[0136]FIG. 40 is a flow chart for explaining another example of the operation of the authentication system shown in FIG. 36.

[0137]FIG. 41 is an overall view illustrating the configuration of the authentication system of a ninth embodiment of the present invention.

[0138]FIG. 42 is a view for explaining the authentication card shown in FIG. 41.

[0139]FIG. 43 is a view for explaining the information stored in the storage unit shown in FIG. 42.

[0140]FIG. 44 is a functional block diagram illustrating an authentication apparatus 615 a shown in FIG. 41.

[0141]FIG. 45 is a functional block diagram illustrating an authentication apparatus 615 b shown in FIG. 41.

[0142]FIG. 46 is a flow chart for explaining an example of the operation of the authentication system shown in FIG. 41.

[0143]FIG. 47 is a flow chart for explaining another example of the operation of the authentication system shown in FIG. 41.

[0144]FIG. 48 is an overall view illustrating the configuration of the authentication system of a 10th embodiment of the present invention.

[0145]FIG. 49 is a view for explaining the authentication card shown in FIG. 48.

[0146]FIG. 50 is a view for explaining the information stored in the storage unit shown in FIG. 49

[0147]FIG. 51 is a functional block diagram illustrating a processing device 715 a shown in FIG. 48.

[0148]FIG. 52 is a functional block diagram illustrating a processing device 715 b shown in FIG. 48.

[0149]FIG. 53 is a flow chart for explaining an example of the operation of the authentication system shown in FIG. 48.

[0150]FIG. 54 is a flow chart for explaining another example of the operation of the authentication system shown in FIG. 48.

BEST MODE FOR CARRYING OUT THE INVENTION

[0151] Hereinafter, an explanation will be made of embodiments of the present invention with reference to the attached drawings.

[0152] In the following embodiments, a case where for example an authentication card is used as the module which can be carried by a user is exemplified. In the present embodiment, information is input and output by a contact method or a non-contact method between the authentication card and an authentication apparatus or other apparatus, and authentication is carried out using the bio-information of the user.

[0153] In the following embodiments, an authentication card is illustrated as the module of the present invention, but other than this, as the module of the present invention, use may also be made of a memory stick, smart card, or other portable storage device.

[0154] Also, in the embodiments, a case where for example fingerprint information and voice information of the user are used as the bio-information is illustrated, but other than this, it is also possible to use handwriting information, face contour information, iris information, retinal information, palm information, ear lobe information, and the vein pattern information as the bio-information.

[0155] First Embodiment

[0156] In the present embodiment, an explanation will be made of the steps of authentication processing forming the basis of the present invention.

[0157] In the present embodiment, the detecting means is provided with, for example, an authentication apparatus or other apparatus. Also, the controlling means, storing means, and authenticating means can be provided in any of the authentication card and apparatus too.

[0158]FIG. 1 is a flow chart for explaining the authentication processing of the present embodiment.

[0159] Step ST1:

[0160] The designated type of bio-information among a plurality of types of bio-information of the user stored in the storing means is read out from the storing means by the controlling means.

[0161] Step ST2:

[0162] The designated type of bio-information is detected from the user by the detecting means.

[0163] Step ST3:

[0164] By the authenticating means, the bio-information read out from the storing means and the bio-information read out by the detecting means are compared, and the legitimacy of the user is authenticated based on the result of the comparison.

[0165] As explained above, according to the authentication method of the present embodiment, a plurality of types of bio-information for each user are prepared, and the authentication processing using the designated bio-information is carried out in response to request.

[0166] For this reason, according to the authentication method of the present embodiment, a user can be authenticated with a high reliability by using suitable bio-information in accordance with the physical characteristics of the user. Namely, the possibility that a person in question is not recognized (authenticated) as the person in question or a user not the person in question is recognized as the person in question can be lowered.

[0167] Also, according to the authentication method of the present embodiment, in accordance with the type of the detecting means provided in the apparatus, it becomes possible to perform the authentication using bio-information without providing a dedicated detecting means for authentication. For example, a microphone is provided in a mobile phone or the like, therefore when authentication is carried out by using the mobile phone, the voice information of the user is designated as the bio-information, while when the authentication is carried out by using a computer provided with a mouse pad, the handwriting information is designated as the bio-information.

[0168] Note that, in the present embodiment, for example, as shown in FIG. 2, it is also possible if processing for deciding whether or not the bio-information is to be authenticated is carried out (ST0). When it is decided that the bio-information is to be authenticated, the processing of steps ST1 to ST3 shown in FIG. 1 is carried out, while when it is decided that the bio-information is not to be authenticated, the processing is terminated.

[0169] Second Embodiment

[0170] The present embodiment is an embodiment corresponding to the second and third aspects of the invention.

[0171]FIG. 3 is an overall view illustrating the configuration of an authentication system 1 of the present embodiment.

[0172] As shown in FIG. 3, in the authentication system 1, the user 12 a is authenticated by using an authentication card 14 used by the user 12 a and an authentication apparatus 15 used by a business 13.

[0173] The authentication card 14 corresponds to the authentication-module of the present invention, while the authentication apparatus 15 corresponds to the authentication apparatus of the present invention.

[0174] Below, an explanation will be made of the authentication card 14 and the authentication apparatus 15.

[0175] [Authentication Card 14]

[0176]FIG. 4 is a view for explaining the authentication card 14 shown in FIG. 3.

[0177] As shown in FIG. 4, the authentication card 14 has a storage unit 20, for example, a magnetic strip or IC (integrated circuit).

[0178] The storage unit 20 has a user identification information ID (identification information of the present invention) allocated to the user 12 a at the time of issuance of the authentication card 14 and a password PWD determined by the user 12 a stored therein.

[0179] [Authentication Apparatus 15]

[0180] The authentication apparatus 15 is built in for example an ATM of a bank or a personal computer.

[0181]FIG. 5 is a functional block diagram illustrating the authentication apparatus 15 shown in FIG. 3.

[0182] As shown in FIG. 5, the authentication apparatus 15 has, for example, a storage unit 31, a card access unit 32, an input unit 33, a bio-information type designation unit 34, a bio-information detection unit 35, and an authentication unit 36.

[0183] The storage unit 31 corresponds to the storing means of the present invention, the card access unit 32 corresponds to the reading means of the present invention, the bio-information type designation unit 34 corresponds to the designating means of the present invention, the bio-information detection unit 35 corresponds to the detecting means of the present invention, and the authentication unit 36 corresponds to the authenticating means of the present invention.

[0184] The storage unit 31 is, for example, a hard disk drive or a semiconductor memory and, as shown in FIG. 6, stores two or more bio-information among bio-information such as the fingerprint information, voice information, handwriting information, and face contour information for each of the registered users including the user 12 a.

[0185] The card access unit 32 reads out the user identification information ID from the storage unit 20 of the authentication card 14 by the contact method or non-contact method.

[0186] The input unit 33 is for example a keyboard or a touch panel used by the user 12 a for inputting the password PWD.

[0187] The user 12 a or the business 13 uses the bio-information type designation unit 34 to designate the type of the bio-information to be used for authentication among the plurality of types of bio-information.

[0188] The bio-information detection unit 35 detects the bio-information of the user 12 a. The bio-information detection unit 35 performs the detection, for example, fingerprint detection, voice detection, handwriting detection, or face contour detection of the user 12 a.

[0189] The authentication unit 36 reads out the type of the bio-information designated at the bio-information type designation unit 34 among the bio-information corresponding to the user identification information ID read out from the authentication card 14 by the card access unit 32, compares the read out bio-information with the bio-information detected by the bio-information detection unit 35, and authenticates the legitimacy of the user 12 a based on the result of the comparison.

[0190] The authentication processing by the authentication unit 36 is carried out in response to for example the type of the bio-information, for instance, processing for verification of the fingerprint information is performed when authentication using the fingerprint information is to be carried out, processing for verification of the voice information is performed when authentication using the voice information is to be carried out, processing for verification of the handwriting information is performed when authentication using the handwriting information is to be carried out, and processing for verification of the face contour information is performed when authentication using the face contour information is to be carried out.

[0191] Below, an explanation will be made of an example of the operation of the authentication system 1.

[0192]FIG. 7 is a flow chart for explaining an example of the operation of the authentication system 1 shown in FIG. 3.

[0193] Step ST11:

[0194] The user 12 a places the authentication card 14 at a location where it can be read out by the card access unit 32 of the authentication apparatus 15.

[0195] Step ST12:

[0196] The user 12 a operates the input unit 33 of the authentication apparatus 15 to input the password PWD.

[0197] Step ST13:

[0198] By the card access unit 32 of the authentication apparatus 15, the user identification information ID and the password PWD are read out from the storage unit 20 of the authentication card 14 and stored in the storage unit 31. Then, the read out password PWD and the password PWD input at step ST12 are compared. When they coincide, the following processing is carried out.

[0199] Step ST14:

[0200] The user 12 a or the business 13 designates the type of the bio-information to be used for authentication by using the bio-information type designation unit 34 of the authentication apparatus 15.

[0201] The processing of step ST14 can be carried out before for example step ST13 too.

[0202] Step ST15:

[0203] The bio-information detection unit 35 of the authentication apparatus 15 detects the bio-information designated at step ST14 from the user 12 a. For example, when fingerprint information is designated at step ST14, the bio-information detection unit 35 detects the fingerprint of the user 12 a by using for example a mouse pad. Also, when voice information is designated at step ST14, the bio-information detection unit 35 detects the voice information of the user 12 a by using a microphone or the like.

[0204] Step ST16:

[0205] The authentication unit 36 of the authentication apparatus 15 reads out the bio-information designated at step ST4 among the bio-information of the user 12 a stored in the storage unit 31.

[0206] Step ST17:

[0207] The authentication unit 36 compares the bio-information read out at step ST16 and the bio-information detected by the bio-information detection unit 35 at step ST15 and authenticates the legitimacy of the user 12 a based on the result of the comparison.

[0208] As explained above, according to the authentication system 1, the authentication apparatus 15 can authenticate the user 12 a by using the designated type of bio-information among a plurality of types of bio-information.

[0209] For this reason, according to the authentication system 1, the user can be authenticated by a high reliability by using suitable bio-information in response to the physical characteristics of the user 12 a. Namely, the possibility that the person in question is not recognized (authenticated) as the person in question or a user not the person in question is recognized as the person in question can be lowered.

[0210] Note that, in the present embodiment, for example, as shown in FIG. 8, after the processing of step ST11 explained in FIG. 7 is terminated, it is also possible if processing for deciding whether or not the bio-information is to be authenticated is to be carried out by the authentication apparatus (ST10). When it is decided that the bio-information is to be authenticated, the processing of steps ST14 to ST17 shown in FIG. 7 is carried out, while when it is decided that the bio-information is not to be authenticated, the processing is terminated.

[0211] Third Embodiment

[0212] The present embodiment is an embodiment corresponding to the fourth and fifth aspects of the invention.

[0213]FIG. 9 is an overall view illustrating the configuration of an authentication system 91 of the present embodiment.

[0214] As shown in FIG. 9, in the authentication system 91, the user 12 a is authenticated by using the authentication card 14 used by the user 12 a, an authentication apparatus 15 a used by a business 13 a, and a authentication apparatus 15 b used by a business 13 b.

[0215] The authentication card 14 is the same as that explained by using FIG. 3 in the first embodiment.

[0216] The authentication card 14 corresponds to the authentication module of the present invention, the authentication apparatus 15 a corresponds to the first authentication apparatus of the present invention, and the authentication apparatus 15 b corresponds to the second authentication apparatus of the present invention.

[0217] [Authentication Apparatus 15 a]

[0218] The authentication apparatus 15 a is built in for example the ATM of a bank or a personal computer.

[0219]FIG. 10 is a functional block diagram illustrating the authentication apparatus 15 a shown in FIG. 9.

[0220] As shown in FIG. 10, the authentication apparatus 15 a has for example a storage unit 31 a, a card access unit 32 a, the input unit 33, a bio-information detection unit 35 a, and an authentication unit 36 a.

[0221] Here, the input unit 33 is the same as that explained by using FIG. 5 in the second embodiment.

[0222] Also, the storage unit 31 a corresponds to the first storing means of the present invention, the card access unit 32 a corresponds to the first reading means of the present invention, the bio-information detection unit 35 a corresponds to the first detecting means of the present invention, and the authentication unit 36 a corresponds to the first authenticating means of the present invention.

[0223] The storage unit 31 a is for example a hard disk drive or semiconductor memory and stores the fingerprint information for each of the registered users including the user 12 a.

[0224] The card access unit 32 a reads out the user identification information ID from the storage unit 20 of the authentication card 14 by the contact method or non-contact method.

[0225] The bio-information detection unit 35 a detects the fingerprint information of the user 12 a.

[0226] The authentication unit 36 a compares the fingerprint information corresponding to the user identification information ID read out from the authentication card 14 by the card access unit 32 a and the fingerprint information detected by the bio-information detection unit 35 a and authenticates the legitimacy of the user 12 a based on the result of the comparison.

[0227] [Authentication Apparatus 15 b]

[0228] The authentication apparatus 15 b is built in for example the ATM of a bank or a personal computer.

[0229]FIG. 11 is a functional block diagram illustrating the authentication apparatus 15 b shown in FIG. 9.

[0230] As shown in FIG. 11, the authentication apparatus 15 b has for example a storage unit 31 b, a card access unit 32 b, the input unit 33, a bio-information detection unit 35 b, and an authentication unit 36 b.

[0231] Here, the input unit 33 is the same as that explained by using FIG. 5 in the second embodiment.

[0232] Also, the storage unit 31 b corresponds to the second storing means of the present invention, the card access unit 32 b corresponds to the second reading means of the present invention, the bio-information detection unit 35 b corresponds to the second detecting means of the present invention, and the authentication unit 36 b corresponds to the second authenticating means of the present invention.

[0233] The storage unit 31 b is for example a hard disk drive or semiconductor memory and stores the voice information for each of the registered users including the user 12 a.

[0234] The card access unit 32 b reads out the user identification information ID from the storage unit 20 of the authentication card 14 by the contact method or non-contact method.

[0235] The bio-information detection unit 35 b detects the voice information of the user 12 a.

[0236] The authentication unit 36 b compares the voice information corresponding to the user identification information ID read out from the authentication card 14 by the card access unit 32 b and the voice information detected by the bio-information detection unit 35 b and authenticates the legitimacy of the user 12 a based on the result of the comparison.

[0237] Below, an explanation will be made of an example of the operation of the authentication system 91.

[0238]FIG. 12 is a flow chart for explaining the example of the operation of the authentication system 91 shown in FIG. 9.

[0239] Below, an explanation will be made of a case where the user 12 a authenticates itself by using the authentication apparatus 15 a.

[0240] Step ST21:

[0241] The user 12 a places the authentication card 14 at a position where it can be read out by the card access unit 32 a of the authentication apparatus 15 a.

[0242] Step ST22:

[0243] The user 12 a operates the input unit 33 of the authentication apparatus 15 a to input the password PWD.

[0244] Step ST23:

[0245] The card access unit 32 a of the authentication apparatus 15 a reads out the user identification information ID and the password PWD from the storage unit 20 of the authentication card 14 and stores them in the storage unit 31 a. Then, the read out password PWD and the password PWD input at step ST22 are compared. When they coincide, the following processing is carried out.

[0246] Step ST24:

[0247] The bio-information detection unit 35 a of the authentication apparatus 15 a detects the fingerprint information of the user 12 a.

[0248] Step ST25:

[0249] The authentication unit 36 a of the authentication apparatus 15 a reads out the fingerprint information of the user 12 a stored in the storage unit 31 a.

[0250] Step ST26:

[0251] The authentication unit 36 a compares the fingerprint information read out at step ST25 and the fingerprint information detected by the bio-information detection unit 35 a at step ST24 and authenticates the legitimacy of the user 12 a based on the result of the comparison.

[0252] Note that, the example of the operation in the case where the user 12 a authenticates itself by using the authentication apparatus 15 a is the same as the example of the operation mentioned above except for the points that the voice information of the user 12 a is detected at step ST24, the voice information of the user 12 a is read out at step ST25, and the authentication is carried out by comparing the voice information of the user 12 a at step ST26.

[0253] As explained above, according to the authentication system 91, the user 12 a can perform the authentication using the fingerprint information at the authentication apparatus 15 a and perform the authentication using the voice information at the authentication apparatus 15 b by using one authentication card 14.

[0254] Note that, in the present embodiment, for example, as shown in FIG. 13, after the processing of step ST21 explained in FIG. 12 is terminated, it is also possible even if the processing for deciding whether or not the bio-information is to be authenticated is carried out by the authentication apparatus (ST20). When it is decided that the bio-information is to be authenticated, the processing of steps ST24 to ST26 shown in FIG. 12 is carried out, while when it is decided that the bio-information is not to be authenticated, the processing is terminated.

[0255] Fourth Embodiment

[0256] The present embodiment is an embodiment corresponding to the sixth and seventh aspects of the invention.

[0257]FIG. 14 is an overall view illustrating the configuration of an authentication system 101 of the present embodiment.

[0258] As shown in FIG. 14, the authentication system 101 authenticates the user 12 a using the authentication card 14 used by the user 12 a, an authentication apparatus 115 a used by the business 13 a, an authentication apparatus 115 b used by the business 13 b, and a server device 180.

[0259] The authentication apparatuses 115 a and 115 b and the server device 180 are connected to a network 181, for example, the Internet.

[0260] The authentication card 14 is the same as that explained in the second embodiment using FIG. 4.

[0261] The authentication card 14 corresponds to the authentication module of the present invention, the authentication apparatuses 115 a and 115 b correspond to the authentication apparatus of the present invention, and the server device 180 corresponds to the server device of the present invention.

[0262] [Authentication Apparatus 115 a]

[0263] The authentication apparatus 115 a is built in for example the ATM of a bank or a personal computer.

[0264]FIG. 15 is a functional block diagram illustrating the authentication apparatus 115 a shown in FIG. 14.

[0265] As shown in FIG. 15, the authentication apparatus 115 a has for example a communication interface unit 30 a, a storage unit 131 a, a card access unit 132, an input unit 133, a bio-information detection unit 135 a, and an authentication unit 136 a.

[0266] Here, the card access unit 132 corresponds to the reading means of the present invention, the bio-information detection unit 135 a corresponds to the detecting means of the present invention, and the authentication unit 136 a corresponds to the authenticating means of the present invention.

[0267] The communication interface unit 130 a is the interface for transmitting and receiving information such as fingerprint information with the server device 180 via the network 181.

[0268] The storage unit 131 a is for example a hard disk drive or semiconductor memory and stores for example the fingerprint information received from the server device 180.

[0269] The card access unit 132 is the same as the card access unit 32 explained by using FIG. 5 in the second embodiment.

[0270] The input unit 133 is the same as the input unit 33 explained by using FIG. 5 in the second embodiment.

[0271] The bio-information detection unit 135 a detects the fingerprint information of the user 12 a.

[0272] The authentication unit 136 a compares the fingerprint information corresponding to the user identification information ID read out from the authentication card 14 by the card access unit 132 with the fingerprint information detected by the bio-information detection unit 135 a and authenticates the legitimacy of the user 12 a based on the result of the comparison.

[0273] [Authentication Apparatus 115 b]

[0274] The authentication apparatus 115 b is built in for example the ATM of a bank or a personal computer.

[0275]FIG. 16 is a functional block diagram illustrating the authentication apparatus 115 b shown in FIG. 14.

[0276] As shown in FIG. 16, the authentication apparatus 115 b has for example a communication interface unit 130 b, a storage unit 131 b, the card access unit 132, the input unit 133, a bio-information detection unit 135 b, and an authentication unit 136 b.

[0277] Here, the card access unit 132 corresponds to the reading means of the present invention, the bio-information detection unit 135 b corresponds to the detecting means of the present invention, and the authentication unit 136 b corresponds to the authenticating means of the present invention.

[0278] The communication interface unit 130 b is the interface for transmitting and receiving information such as fingerprint information with the server device 180 via the network 181.

[0279] The storage unit 131 b is for example a hard disk drive or semiconductor memory, and stores for example the voice information received from the server device 180.

[0280] The card access unit 132 is the same as the card access unit 32 explained by using FIG. 5 in the second embodiment.

[0281] The input unit 133 is the same as the input unit 33 explained by using FIG. 5 in the second embodiment.

[0282] The bio-information detection unit 135 b detects the voice information of the user 12 a.

[0283] The authentication unit 136 b compares the voice information corresponding to the user identification information ID read out from the authentication card 14 by the card access unit 132 with the voice information detected by the bio-information detection unit 135 b and authenticates the legitimacy of the user 12 b based on the result of the comparison.

[0284] [Server Device 180]

[0285] The server device 180 stores the fingerprint information and the voice information for each of a plurality of users including the users 12 a and 12 b linked with the user identification information ID.

[0286] The server device 180 transmits the user identification information ID designated by the request and the fingerprint information or voice information corresponding to the type of the bio-information to the authentication apparatuses 115 a and 115 b via the network 181 in response to a request from the authentication apparatuses 115 a and 115 b.

[0287] Below, an explanation will be made of an example of the operation of the authentication system 101.

[0288]FIG. 17 is a flow chart for explaining an example of the operation of the authentication system 101 shown in FIG. 14.

[0289] Below, an explanation will be made of a case where the user 12 a authenticates itself by using the authentication apparatus 115 a.

[0290] Step ST31:

[0291] The user 12 a places the authentication card 14 at a position where it can be read out by the card access unit 132 of the authentication apparatus 115 a.

[0292] Step ST32:

[0293] The user 12 a operates the input unit 133 of the authentication apparatus 115 a to input the password PWD.

[0294] Step ST33:

[0295] The card access unit 132 of the authentication apparatus 115 a reads out the user identification information ID and the password PWD from the storage unit 20 of the authentication card 14 and stores it in the storage unit 131 a. Then, it compares the read out password PWD and the password PWD input at step ST32 and, when they coincide, perform the following processing.

[0296] Step ST34:

[0297] The bio-information detection unit 135 a of the authentication apparatus 115 a detects the fingerprint information of the user 12 a.

[0298] Step ST35:

[0299] The authentication unit 136 a of the authentication apparatus 115 a transmits the request specifying the user identification information ID read out at step ST33 to the server device 180 via the communication interface unit 130 a and the network 181. In response to the request, it transmits the fingerprint information corresponding to the user identification information ID via the network 181 from the server device 180 to the authentication apparatus 115 a and stores it in the storage unit 131 a.

[0300] Step ST36:

[0301] The authentication unit 136 a compares the fingerprint information received at step ST35 and the fingerprint information detected by the bio-information detection unit 135 a at step ST34 and authenticates the legitimacy of the user 12 a based on the result of the comparison.

[0302] Note that the example of the operation in the case where the user 12 a authenticates itself by using the authentication apparatus 115 b is the same as the example of the operation mentioned above except for the points that the voice information of the user 12 a is detected at step ST34, the voice information of the user 12 a is received at step ST35, and the authentication is carried out by comparing the voice information of the user 12 a at step ST36.

[0303] As explained above, according to the authentication system 101, the user 12 a can perform the authentication using the fingerprint information at the authentication apparatus 115 a and perform the authentication using the voice information at the authentication apparatus 115 b by using one authentication card 14.

[0304] Note that, in the present embodiment, for example, as shown in FIG. 18, after the processing of step ST31 explained in FIG. 17 is terminated, it is also possible if the processing for deciding whether or not the bio-information is to be authenticated is carried out by the authentication apparatus (ST30), the processing of steps ST34 to ST36 shown in FIG. 17 is carried out when it is decided that the bio-information is to be authenticated, and the processing is terminated when it is decided that the bio-information is not to be authenticated.

[0305] Fifth Embodiment

[0306] The present embodiment is an embodiment corresponding to the eighth and ninth aspects of the invention.

[0307]FIG. 19 is an overall view illustrating the configuration of an authentication system 201 of the present embodiment.

[0308] As shown in FIG. 19, the authentication system 201 authenticates the users 12 a and 12 b by using an authentication card 214 a used by the user 12 a, an authentication card 214 b used by the user 12 b, and a processing device 215 used by the business 13.

[0309] Here, the authentication card 214 a corresponds to the first authentication module of the present invention, the authentication card 214 b corresponds to the second authentication module of the present invention, and the processing device 215 corresponds to the processing device of the present invention.

[0310] Below, an explanation will be made of the authentication cards 214 a and 214 b and the processing device 215.

[0311] [Authentication Card 214 a]

[0312]FIG. 20 is a view for explaining the authentication card 214 a shown in FIG. 19.

[0313] As shown in FIG. 20, the authentication card 214 a has for example an input/output interface unit 220 a, a storage unit 221 a, and an authentication unit 222 a.

[0314] Here, the storage unit 221 a corresponds to the first storing means of the present invention, and the authentication unit 222 a corresponds to the first authenticating means of the present invention.

[0315] The input/output interface unit 220 a inputs and outputs information with the processing device 215.

[0316] The storage unit 221 a is a magnetic strip, IC (integrated circuit), etc. and stores the user identification information ID allocated to the user 12 a and the password PWD determined by the user 12 a at the time of issuance of the authentication card 214 a.

[0317] The authentication unit 222 a compares the detected fingerprint information of the user 12 a input from the processing device 215 via the input/output interface unit 220 a with the fingerprint information stored in advance, authenticates the legitimacy of the user 12 a based on the result of the comparison, and outputs the result of authentication to the processing device 215 via the input/output interface unit 220 a.

[0318] [Authentication Card 214 b]

[0319]FIG. 21 is a view for explaining the authentication card 214 b shown in FIG. 19.

[0320] As shown in FIG. 21, the authentication card 214 b has for example an input/output interface unit 220 b, a storage unit 221 b, and an authentication unit 222 b.

[0321] Here, the storage unit 221 b corresponds to the second storing means of the present invention, and the authentication unit 222 b corresponds to the second authenticating means of the present invention.

[0322] The input/output interface unit 220 b inputs and outputs the information with the processing device 215.

[0323] The storage unit 221 b is a magnetic strip, IC (integrated circuit), etc. and stores the user identification information ID allocated to the user 12 b and the password PWD determined by the user 12 b at the time of issuance of the authentication card 214 b.

[0324] The authentication unit 222 b compares the detected voice information of the user 12 b input from the processing device 215 via the input/output interface unit 220 b with the voice information stored in advance, authenticates the legitimacy of the user 12 b based on the result of the comparison, and outputs the result of authentication to the processing device 215 via the input/output interface unit 220 b.

[0325] [Processing Device 215]

[0326] The processing device 215 is built in for example the ATM of a bank or a personal computer.

[0327]FIG. 22 is a functional block diagram illustrating the processing device 215 shown in FIG. 19.

[0328] As shown in FIG. 22, the processing device 215 has for example a storage unit 231, card access unit 232, input unit 233, bio-information detection unit 235, and processing unit 236.

[0329] Here, the storage unit 231 corresponds to the storing means of the present invention, the card access unit 232 corresponds to the reading means and outputting means of the present invention, the bio-information detection unit 235 a corresponds to the first detecting means of the present invention, the bio-information detection unit 235 b corresponds to the second detecting means of the present invention, and the processing unit 236 corresponds to the processing means of the present invention.

[0330] The storage unit 231 is for example a hard disk drive or semiconductor memory and stores the fingerprint information and voice information for each user.

[0331] Concretely, the storage unit 231 stores the fingerprint information of the user 12 a and the voice information of the user 12 b as shown in FIG. 23.

[0332] The card access unit 232 reads out the user identification information ID from the storage units 221 a and 221 b of the authentication cards 214 a and 214 b by the contact method or non-contact method and, at the same time, inputs and outputs the predetermined information with the authentication card 214.

[0333] The input unit 233 is for example a keyboard or touch panel and is used for the users 12 a and 12 b to input passwords PWD.

[0334] The bio-information detection unit 235 a detects the fingerprint information of the user.

[0335] The bio-information detection unit 235 b detects the voice information of the user.

[0336] The processing unit 236 performs for example account debiting processing or transaction processing based on the result of authentication input from the authentication cards 214 a and 214 b.

[0337] Below, an explanation will be made of an example of the operation of the authentication system 201.

[0338]FIG. 24 is a flow chart for explaining the example of the operation of the authentication system 201 shown in FIG. 19.

[0339] Step ST41:

[0340] The user 12 a places the authentication card 214 a at a position where it can be read out by the card access unit 232 of the processing device 215.

[0341] Step ST42:

[0342] The user 12 a operates the input unit 233 of the processing device 215 to input the password PWD.

[0343] Step ST43:

[0344] The card access unit 232 of the processing device 215 reads out the user identification information ID and the password PWD from the storage unit 221 a of the authentication card 214 a and stores it in the storage unit 231. Then, it compares the read out password PWD and the password PWD input at step ST42 and, when they coincide, perform the following processing.

[0345] Step ST44:

[0346] The bio-information detection unit 235 a of the processing device 215 detects the fingerprint information of the user 12 a.

[0347] Step ST45:

[0348] The card access unit 232 of the processing device 215 outputs to the authentication card 214 a the fingerprint information of the user 12 a read out from the storage unit 231 and the fingerprint information of the user 12 a detected at step ST44.

[0349] Step ST46:

[0350] The authentication unit 222 a of the authentication card 414 compares the fingerprint information of the user 12 a read out from the storage unit 231 and the detected fingerprint information of the user 12 a which were input at step ST45 and autheticates the legitimacy of the user 12 a based on the result of the comparison. The result of the authentication is output from the input/output interface unit 220 a to the processing device 215.

[0351] Step ST47:

[0352] The processing unit 236 of the processing device 215 performs for example account debiting processing or transaction processing when the user 12 a is the legitimate user based on the result of authentication input at step ST46.

[0353] As explained above, the authentication system 201 can authenticate the user by using one bio-information selected from among a plurality of bio-information in accordance with the characteristics of the authentication card.

[0354] For this reason, the authentication system 201 can authenticate the user with a high reliability by using the suitable bio-information in accordance with the physical characteristics of the user. Namely, the possibility that the person in question is not recognized (authenticated) as the person in question or a user not the person in question is recognized as the person in question can be lowered.

[0355] Note that, in the present embodiment, for example, as shown in FIG. 25, after the processing of step ST41 explained in FIG. 24 is terminated, it is also possible if processing for deciding whether or not the bio-information is to be authenticated is carried out by the authentication card or authentication apparatus (ST40), the processing of steps ST44 to ST47 shown in FIG. 24 is carried out when it is decided that the bio-information is to be authenticated, while the processing is terminated when it is decided that the bio-information is not to be authenticated.

[0356] Sixth Embodiment

[0357] The present invention is an embodiment corresponding to the 10th and 11th aspects of the invention.

[0358]FIG. 26 is an overall view illustrating the configuration of an authentication system 301 of the present embodiment.

[0359] As shown in FIG. 26, the authentication system 301 authenticates the users 12 a and 12 b by using an authentication card 214 a used by the user 12 a, an authentication card 214 b used by the user 12 b, a processing device 315 used by the business 13, and a server device 380.

[0360] The authentication cards 214 a and 214 b are the same as those explained by using FIG. 20 and FIG. 21 in the fifth embodiment.

[0361] The authentication card 214 a corresponds to the first authentication module of the present invention, the authentication card 214 b corresponds to the second authentication module of the present invention, the processing device 315 corresponds to the processing device of the present invention, and the server device 380 corresponds to the server device of the present invention.

[0362] [Processing Device 315]

[0363] The processing device 315 is built in for example the ATM of a bank or a personal computer.

[0364]FIG. 27 is a functional block diagram illustrating the processing device 315 shown in FIG. 26.

[0365] As shown in FIG. 27, the processing device 315 has for example a communication interface unit 337, a storage unit 331, a card access unit 332, an input unit 333, a bio-information detection unit 335, and a processing unit 336.

[0366] Here, the card access unit 332 corresponds to the reading means and outputting means of the present invention, the bio-information detection unit 335 a corresponds to the first detecting means of the present invention, the bio-information detection unit 335 b corresponds to the second detecting means of the present invention, and the processing unit 336 corresponds to the processing means of the present invention.

[0367] The communication interface unit 337 transmits and receives data with the server device 380 via the network 381.

[0368] The storage unit 331 is for example a hard disk drive or semiconductor memory.

[0369] The card access unit 332 reads out the user identification information ID from the storage units 221 a and 221 b of the authentication cards 214 a and 214 b by the contact method or non-contact method and, at the same time, inputs and outputs the predetermined information with the authentication cards 214 a and 214 b.

[0370] The input unit 333 is for example a keyboard or touch panel and is used for the users 12 a and 12 b to input the passwords PWD.

[0371] The bio-information detection unit 335 a detects the fingerprint information of the user.

[0372] The bio-information detection unit 335 b detects the voice information of the user.

[0373] The processing unit 336 performs, for example, account debiting processing or transaction processing based on the results of authentication input from the authentication cards 214 a and 214 b.

[0374] [Server Device 380]

[0375] The server device 380 stores the fingerprint information and the voice information for each of a plurality of users including the users 12 a and 12 b linked with the user identification information ID.

[0376] The server device 380 transmits the user identification information ID designated by the request and the fingerprint information or voice information corresponding to the type of the bio-information to the authentication apparatus 315 via the network 381 in response to the request from the authentication apparatus 315.

[0377] Below, an explanation will be made of an example of the operation of the authentication system 301.

[0378]FIG. 28 is a flow chart for explaining an example of the operation of the authentication system 301 shown in FIG. 26.

[0379] Step ST51:

[0380] The user 12 a places the authentication card 214 a at a position where it can be read out by the card access unit 332 of the processing device 315.

[0381] Step ST52:

[0382] The user 12 a operates the input unit 333 of the processing device 315 to input the password PWD.

[0383] Step ST53:

[0384] The card access unit 332 of the processing device 315 reads out the user identification information ID and the password PWD from the storage unit 221 a of the authentication card 214 a and stores it in the storage unit 331. Then, it compares the read out password PWD and the password PWD input at step ST52 and, when they coincide, performs the following processing.

[0385] Step ST54:

[0386] The bio-information detection unit 335 a of the processing device 315 detects the fingerprint information of the user 12 a.

[0387] Step ST55:

[0388] The communication interface unit 337 of the processing device 315 outputs to the server device 380 via the network 381 the user identification information ID read out at step ST53 and the request designating the fingerprint as the type of the bio-information. In response to the request, the fingerprint information of the user 12 a is transmitted from the server device 380 via the network 381 to the processing device 315 and is stored in the storage unit 331.

[0389] Step ST56:

[0390] The card access unit 332 of the processing device 315 outputs to the authentication card 214 a the fingerprint information of the user 12 a read out from the storage unit 331 and the fingerprint information of the user 12 a detected at step ST54.

[0391] Step ST57:

[0392] The authentication unit 214 a of the authentication card 214 a compares the fingerprint information of the user 12 a read out from the storage unit 331 and the detected fingerprint information of the user 12 a which were input at step ST56 and authenticates the legitimacy of the user 12 a based on the result of the comparison. The result of the authentication is output from the input/output interface unit 220 a to the processing device 315.

[0393] Step ST58:

[0394] The processing unit 336 of the processing device 315 performs, for example, account debiting processing or transaction processing when the user 12 a is the legitimate user based on the result of authentication input at step ST57.

[0395] As explained above, the authentication system 301 can authenticate the user by using one bio-information selected from among a plurality of bio-information in accordance with the characteristics of the authentication card.

[0396] For this reason, the authentication system 301 can authenticate the user with a high reliability by using suitable bio-information in accordance with the physical characteristics of the user. Namely, the possibility that the person in question is not recognized (authenticated) as the person in question or a user not the person in question is recognized as the person in question can be lowered.

[0397] Note that, in the present embodiment, for example, as shown in FIG. 29, after the processing of step ST51 explained in FIG. 28 is terminated, it is also possible if processing for deciding whether or not the bio-information is to be authenticated is carried out by the authentication card or authentication apparatus (ST50), the processing of steps ST54 to ST58 shown in FIG. 28 is carried out when it is decided that the bio-information is to be authenticated, while the processing is terminated when it is decided that the bio-information is not to be authenticated.

[0398] Seventh Embodiment

[0399] The present embodiment is an embodiment corresponding to the 12th and 13th aspects of the invention.

[0400]FIG. 30 is an overall view illustrating the configuration of an authentication system 401 of the present embodiment.

[0401] As shown in FIG. 30, the authentication system 401 authenticates the user 12 a by using an authentication card 414 used by the user 12 a, a processing device 415 a used by a business 13 a, and a processing device 415 b used by a business 13 b.

[0402] The authentication card 414 corresponds to the authentication module of the present invention, the processing device 415 a corresponds to the first processing device of the present invention, and the processing device 415 b corresponds to the second processing device of the present invention.

[0403] Below, an explanation will be made of the authentication card 414 and the processing device 415.

[0404] [Authentication Card 414]

[0405]FIG. 31 is a view for explaining the authentication card 414 shown in FIG. 30.

[0406] As shown in FIG. 31, the authentication card 414 has for example an input/output interface unit 420, a storage unit 421, and authentication units 422 a and 422 b.

[0407] Here, the storage unit 421 corresponds to the storing means of the present invention, and the authentication units 422 a and 422 b correspond to the authenticating means of the present invention.

[0408] The input/output interface unit 420 inputs and outputs the information with the processing devices 415 a and 415 b.

[0409] The storage unit 421 is a magnetic strip, IC (integrated circuit), or the like and stores the user identification information ID allocated to the user 12 a and the password PWD determined by the user 12 a at the time of issuance of the authentication card 414.

[0410] The authentication unit 422 a compares the detected fingerprint information of the user 12 a input from the processing device 415 a via the input/output interface unit 420 with the fingerprint information stored in advance, authenticates the legitimacy of the user 12 a based on the result of the comparison, and outputs the result of authentication to the processing device 415 a via the input/output interface unit 420.

[0411] The authentication unit 422 b compares the detected voice information of the user 12 a input from the processing device 415 b via the input/output interface unit 420 with the voice information stored in advance, authenticates the legitimacy of the user 12 a based on the result of the comparison, and outputs the result of authentication via the input/output interface unit 420 to the processing device 415 b.

[0412] [Processing Device 415 a]

[0413] The processing device 415 a is built in for example the ATM of a bank or a personal computer.

[0414]FIG. 32 is a functional block diagram illustrating the processing device 415 a shown in FIG. 30.

[0415] As shown in FIG. 32, the processing device 415 a has for example a storage unit 431 a, a card access unit 432 a, an input unit 433, a bio-information detection unit 435 a, and a processing unit 436 a.

[0416] Here, the storage unit 431 a corresponds to the storing means of the present invention, the card access unit 432 a corresponds to the first reading means and first outputting means of the present invention, the bio-information detection unit 435 a corresponds to the first detecting means of the present invention, and the processing unit 436 a corresponds to the first processing means of the present invention.

[0417] The storage unit 431 a is for example a hard disk drive or semiconductor memory.

[0418] The card access unit 232 reads out the user identification information ID and password PWD from the storage unit 421 of the authentication card 414 by the contact method or non-contact method and, at the same time, inputs and outputs the predetermined information with the authentication card 414.

[0419] The input unit 433 is for example a keyboard or touch panel and is used for the user 12 a to input password PWD.

[0420] The bio-information detection unit 435 a detects the fingerprint information of the user.

[0421] The processing unit 436 a performs, for example, account debiting processing or transaction processing based on the result of authentication input from the authentication card 414.

[0422] [Processing Device 415 b]

[0423] The processing device 415 b is built in for example the ATM of a bank or a personal computer.

[0424]FIG. 33 is a functional block diagram illustrating the processing device 415 b shown in FIG. 30.

[0425] As shown in FIG. 33, the processing device 415 b has for example a storage unit 431 b, a card access unit 432 b, an input unit 433, a bio-information detection unit 435 b, and a processing unit 436 b.

[0426] Here, the functions of the storage unit 431 b, the card access unit 432 b, the input unit 433, and the processing unit 436 b are the same as those explained by using FIG. 32.

[0427] The bio-information detection unit 435 b detects the voice information of the user.

[0428] Note that, the storage unit 431 b corresponds to the second storing means of the present invention, the card access unit 432 b corresponds to the second reading means and second outputting means of the present invention, the bio-information detection unit 435 b corresponds to the second detecting means of the present invention, and the processing unit 436 b corresponds to the second processing means of the present invention.

[0429] Below, an explanation will be made of an example of the operation of the authentication system 401.

[0430]FIG. 34 is a flow chart for explaining an example of the operation of the authentication system 401 shown in FIG. 30.

[0431] Step ST61:

[0432] The user 12 a places the authentication card 414 at a position where it can be read out by the card access unit 432 a of the processing device 415 a.

[0433] Step ST62:

[0434] The user 12 a operates the input unit 433 of the processing device 415 a to input the password PWD.

[0435] Step ST63:

[0436] The card access unit 432 a of the processing device 415 a reads out the user identification information ID and the password PWD from the storage unit 421 of the authentication card 414 and stores it in the storage unit 431.

[0437] Then, it compares the read out password PWD and the password PWD input at step ST62 and, when they coincide, performs the following processing.

[0438] Step ST64:

[0439] The bio-information detection unit 435 a of the processing device 415 a detects the fingerprint information of the user 12 a.

[0440] Step ST65:

[0441] The card access unit 432 a of the processing device 415 a outputs to the authentication card 414 the fingerprint information of the user 12 a read out from the storage unit 431 and the fingerprint information of the user 12 a detected at step ST 64.

[0442] Step ST66:

[0443] The authentication unit 422 a of the authentication card 414 compares the fingerprint information of the user 12 a read out from the storage unit 431 input at step ST65 and the detected fingerprint information of the user 12 a and authenticates the legitimacy of the user 12 a based on the result of the comparison. It outputs the result of the authentication from the input/output interface unit 420 to the processing device 415 a.

[0444] Step ST67:

[0445] The processing unit 436 a of the processing device 415 a performs, for example, account debiting processing or transaction processing when the user 12 a is the legitimate user based on the result of authentication input at step ST66.

[0446] As explained above, the authentication system 401, by using one authentication card 414, can authenticate the user at the plurality of processing devices 415 a and 415 b for performing the authentication by using bio-information of types different from each other.

[0447] Note that, in the present embodiment, for example, as shown in FIG. 35, after the processing of step ST61 explained in FIG. 34 is terminated, it is also possible if processing for deciding whether or not the bio-information is to be authenticated is carried out by the authentication card or authentication apparatus (ST60), the processing of steps ST64 to ST67 shown in FIG. 34 is carried out when it is decided that the bio-information is to be authenticated, while the processing is terminated when it is decided that the bio-information is not to be authenticated.

[0448] Eighth Embodiment

[0449] The present embodiment is an embodiment corresponding to the 14th and 15th aspects of the invention.

[0450]FIG. 36 is an overall view illustrating the configuration of an authentication system 501 of the present embodiment.

[0451] As shown in FIG. 36, the authentication system 501 authenticates the user 12 a by using the authentication card 414 used by the user 12 a, a processing device 515 a used by the business 13 a, a processing device 515 b used by the business 13 b, and a server device 580.

[0452] The authentication card 414 is the same as that explained in the seventh embodiment by using FIG. 31.

[0453] Here, the authentication card 414 corresponds to the authentication module of the present invention, the processing device 515 a corresponds to the first processing device of the present invention, the processing device 515 b corresponds to the second processing device of the present invention, and the server device 580 corresponds to the server device of the present invention.

[0454] Below, an explanation will be made of the processing devices 515 a and 515 b and the server device 580.

[0455] [Processing Device 515 a]

[0456] The processing device 515 a is built in for example the ATM of a bank or a personal computer.

[0457]FIG. 37 is a functional block diagram illustrating the processing device 515 a shown in FIG. 36.

[0458] As shown in FIG. 37, the processing device 515 a has for example a communication interface unit 537, a storage unit 531, a card access unit 532 a, an input unit 533, a bio-information detection unit 535 a, and a processing unit 536 a.

[0459] Here, the card access unit 532 a corresponds to the first reading means and first outputting means of the present invention, the bio-information detection unit 535 a corresponds to the first detecting means of the present invention, and the processing unit 536 a corresponds to the first processing means of the present invention.

[0460] The communication interface unit 537 transmits and receives information with the server device 580 via the network 581.

[0461] The storage unit 531 is for example a hard disk drive or semiconductor memory.

[0462] The card access unit 532 a reads out the user identification information ID and password PWD from the storage unit 421 of the authentication card 414 shown in FIG. 31 by the contact method or non-contact method and, at the same time, inputs and outputs the predetermined information with the authentication card 414.

[0463] The input unit 533 is for example a keyboard or touch panel and is used for the user 12 a to input the password PWD.

[0464] The bio-information detection unit 535 a detects the fingerprint information of the user.

[0465] The processing unit 536 a performs, for example, account debiting processing or transaction processing based on the result of authentication input from the authentication card 414.

[0466] [Processing Device 515 b]

[0467] The processing device 515 b is built in for example the ATM of a bank or a personal computer.

[0468]FIG. 38 is a functional block diagram illustrating the processing device 515 b shown in FIG. 36.

[0469] As shown in FIG. 38, the processing device 515 b has for example the storage unit 531, a card access unit 532 b, the input unit 533, a bio-information detection unit 535 b, and a processing unit 536 b.

[0470] Here, the functions of the storage unit 531, the card access unit 532 b, the input unit 533, and the processing unit 536 b are the same as those explained by using FIG. 37.

[0471] The bio-information detection unit 535 b detects the voice information of the user.

[0472] Note that, the card access unit 532 b corresponds to the second reading means and second outputting means of the present invention, the bio-information detection unit 535 b corresponds to the second detecting means of the present invention, and the processing unit 536 b corresponds to the second processing means of the present invention.

[0473] [Server Device 580]

[0474] The server device 580 stores the fingerprint information and the voice information for each of a plurality of users including the user 12 a linked with the user identification information ID.

[0475] The server device 580 transmits the user identification information ID designated by the request and the fingerprint information or voice information corresponding to the type of the bio-information to the authentication apparatuses 515 a and 515 b via the network 581 in response to a request from the authentication apparatuses 515 a and 515 b.

[0476] Below, an explanation will be made of an example of the operation of the authentication system 501.

[0477]FIG. 39 is a flow chart for explaining an example of the operation of the authentication system 501 shown in FIG. 36.

[0478] Step ST71:

[0479] The user 12 a places the authentication card 414 at a position where it can be read out by the card access unit 532 a of the processing device 515 a.

[0480] Step ST72:

[0481] The user 12 a operates the input unit 533 of the processing device 515 a to input the password PWD.

[0482] Step ST73:

[0483] The card access unit 532 a of the processing device 515 a reads out the user identification information ID and the password PWD from the storage unit 421 of the authentication card 414 and stores it in the storage unit 531.

[0484] Then, it compares the read out password PWD and the password PWD input at step ST72 and, when they coincide, perform the following processing.

[0485] Step ST74:

[0486] The bio-information detection unit 535 a of the processing device 515 a detects the fingerprint information of the user 12 a.

[0487] Step ST75:

[0488] The communication interface unit 537 of the processing device 515 a outputs to the server device 580 via the network 581 the user identification information ID read out at step ST73 and the request designating the fingerprint as the type of the bio-information. In response to the request, it transmits the fingerprint information of the user 12 a from the server device 580 via the network 581 to the processing device 515 a and stores it in the storage unit 531.

[0489] Step ST76:

[0490] The card access unit 532 a of the processing device 515 a outputs to the authentication card 414 the fingerprint information of the user 12 a read out from the storage unit 531 and the fingerprint information of the user 12 a detected at step ST74.

[0491] Step ST77:

[0492] The authentication unit 422 a of the authentication card 414 shown in FIG. 31 compares the fingerprint information of the user 12 a read out from the storage unit 531 and the detected fingerprint information of the user 12 a which were input at step ST76 and authenticates the legitimacy of the user 12 a based on the result of the comparison. It outputs the result of the authentication from the input/output interface unit 420 to the processing device 515 a.

[0493] Step ST78:

[0494] The processing unit 536 a of the processing device 515 a performs, for example, account debiting processing or transaction processing when the user 12 a is the legitimate user based on the result of authentication input at step ST77.

[0495] As explained above, the authentication system 501 can authenticate the user by using one bio-information selected from among a plurality of bio-information in accordance with the characteristics of the authentication card.

[0496] For this reason, the authentication system 501 can authenticate the user with a high reliability by using suitable bio-information in accordance with the physical characteristics of the user. Namely, the possibility that the person in question is not recognized (authenticated) as the person in question or a user not the person in question is recognized as the person in question can be lowered.

[0497] Note that, in the present embodiment, for example, as shown in FIG. 40, after the processing of step ST71 explained in FIG. 39 is terminated, it is also possible if processing for deciding whether or not the bio-information is to be authenticated is carried out by the authentication card or authentication apparatus (ST70), the processing of steps ST74 to ST78 shown in FIG. 39 is carried out when it is decided that the bio-information is to be authenticated, while the processing is terminated when it is decided that the bio-information is not to be authenticated.

[0498] Ninth Embodiment

[0499] The present embodiment is an embodiment corresponding to the 16th to 18th aspects of the invention.

[0500]FIG. 41 is an overall view illustrating the configuration of an authentication system 601 of the present embodiment.

[0501] As shown in FIG. 41, the authentication system 601 authenticates the user 12 a by using an authentication card 614 used by the user 12 a, an authentication apparatus 615 a used by the business 13 a, and an authentication apparatus 615 b used by the business 13 b.

[0502] Here, the authentication card 614 corresponds to the authentication module of the present invention, and the authentication apparatuses 615 a and 615 b correspond to the authentication apparatus of the present invention.

[0503] Below, an explanation will be made of the authentication card 614 and the authentication apparatuses 615 a and 615 b.

[0504] [Authentication Card 614]

[0505]FIG. 42 is a view for explaining the authentication card 614 shown in FIG. 41.

[0506] As shown in FIG. 42, the authentication card 614 has a storage unit 620, for example, a magnetic strip or IC (integrated circuit).

[0507]FIG. 43 is a view for explaining the information stored in the storage unit 620.

[0508] The storage unit 620, at the time of issuance of the authentication card 614, stores the user identification information ID allocated to the user 12 a, the password PWD determined by the user 12 a, the encrypted fingerprint information of the user 12 a, and the encrypted voice information of the user 12 a.

[0509] [Authentication Apparatus 615 a]

[0510] The authentication apparatus 615 a is built in for example the ATM of a bank or a personal computer.

[0511]FIG. 44 is a functional block diagram illustrating the authentication apparatus 615 a shown in FIG. 41.

[0512] As shown in FIG. 44, the authentication apparatus 615 a has for example a storage unit 631, a card access unit 632 a, an input unit 633, a bio-information detection unit 635 a, and an authentication unit 636 a.

[0513] Here, the card access unit 632 a corresponds to the reading means of the present invention, the bio-information detection unit 635 a corresponds to the detecting means of the present invention, and the authentication unit 636 a corresponds to the authenticating means of the present invention.

[0514] The storage unit 631 is for example a hard disk drive or semiconductor memory.

[0515] The card access unit 632 a inputs or outputs the information with the authentication card 614.

[0516] The input unit 633 is used for inputting the password PWD by the user 12 a.

[0517] The bio-information detection unit 635 a detects the fingerprint information of the user 12 a.

[0518] The authentication unit 636 a compares the fingerprint information of the user 12 a input from the authentication card 614 via the card access unit 632 a with the fingerprint information detected by the bio-information detection unit 635 a and authenticates the legitimacy of the user 12 a based on the result of the comparison.

[0519] [Authentication Apparatus 615 b]

[0520] The authentication apparatus 615 b is built in for example the ATM of a bank or a personal computer.

[0521]FIG. 45 is a functional block diagram illustrating the authentication apparatus 615 b shown in FIG. 41.

[0522] As shown in FIG. 45, the authentication apparatus 615 b has for example a storage unit 631, a card access unit 632 b, the input unit 633, a bio-information detection unit 635 b, and an authentication unit 636 b.

[0523] Here, the storage unit 631 and the input unit 633 are the same as those shown in FIG. 44.

[0524] Here, the card access unit 632 b corresponds to the reading means of the present invention, the bio-information detection unit 635 b corresponds to the detecting means of the present invention, and the authentication unit 636 b corresponds to the authenticating means of the present invention.

[0525] The card access unit 632 b inputs and outputs the information with the authentication card 614.

[0526] The bio-information detection unit 635 b detects the voice information of the user 12 a.

[0527] The authentication unit 636 b compares the voice information of the user 12 a input from the authentication card 614 via the card access unit 632 b with the voice information detected by the bio-information detection unit 635 b, and authenticates the legitimacy of the user 12 a based on the result of the comparison.

[0528] Below, an explanation will be made of an example of the operation of the authentication system 601.

[0529]FIG. 46 is a flow chart for explaining an example of the operation of the authentication system 601 shown in FIG. 41.

[0530] Below, an explanation will be made of a case where the user 12 a authenticates itself by using the authentication apparatus 615 a.

[0531] Step ST81:

[0532] The user 12 a places the authentication card 614 at a position where it can be read out by the card access unit 632 a of the authentication apparatus 615 a.

[0533] Step ST82:

[0534] The user 12 a operates the input unit 633 of the authentication apparatus 615 a to input the password PWD.

[0535] Step ST83:

[0536] The card access unit 632 a of the authentication apparatus 615 a reads out the user identification information ID and the password PWD from the storage unit 620 of the authentication card 614 and stores it in the storage unit 631. Then, it compares the read out password PWD and the password PWD input at step ST82 and, when they coincide, performs the following processing.

[0537] Step ST84:

[0538] The bio-information detection unit 635 a of the authentication apparatus 615 a detects the fingerprint information of the user 12 a.

[0539] Step ST85:

[0540] The card access unit 632 a of the authentication apparatus 615 a reads out the encrypted fingerprint information of the user 12 a stored in the storage unit 620 of the authentication card 614 and stores it in the storage unit 631.

[0541] Step ST86:

[0542] The authentication unit 636 a of the authentication apparatus 615 a decodes the fingerprint information read out at step ST85.

[0543] Step ST87:

[0544] The authentication unit 636 a compares the fingerprint information decoded at step ST86 and the fingerprint information detected by the bio-information detection unit 635 a at step ST84 and authenticates the legitimacy of the user 12 a based on the result of the comparison.

[0545] Note that, the example of the operation of the case where the user 12 a authenticates itself by using the authentication apparatus 615 b is the same as the above example of the operation except for the points that the voice information of the user 12 a is detected at step ST84, the voice information of the user 12 a is read out at step ST85, and the voice information of the user 12 a is compared and the authentication is carried out at step ST86.

[0546] As explained above, according to the authentication system 601, the user 12 a can perform the authentication using the fingerprint information in the authentication apparatus 615 a and perform the authentication using the voice information in the authentication apparatus 615 b by using one authentication card 614.

[0547] Note that, in the present embodiment, for example, as shown in FIG. 47, after the processing of step ST81 explained in FIG. 46 is terminated, it is also possible if processing for deciding whether or not the bio-information is to be authenticated is carried out by the authentication apparatus (ST80), the processing of steps ST84 to ST87 shown in FIG. 46 is carried out when it is decided that the bio-information is to be authenticated, while the processing is terminated when it is decided that the bio-information is not to be authenticated.

[0548] 10th Embodiment

[0549] The present embodiment is an embodiment corresponding to the 19th to 21st aspects of the invention.

[0550]FIG. 48 is an overall view illustrating the configuration of an authentication system 701 of the present embodiment.

[0551] As shown in FIG. 48, the authentication system 701 authenticates the user 12 a by using an authentication card 714 used by the user 12 a, a processing device 715 a used by the business 13 a, and a processing device 715 b used by the business 13 b.

[0552] Here, the authentication card 714 corresponds to the authentication module of the present invention, and the processing devices 715 a and 715 b correspond to the processing device of the present invention.

[0553] Below, an explanation will be made of the authentication card 714 and the processing devices 715 a and 715 b.

[0554] [Authentication Card 714]

[0555]FIG. 49 is a view for explaining the authentication card 714 shown in FIG. 48.

[0556] As shown in FIG. 49, the authentication card 714 has an input/output interface unit 720, a storage unit 721, and authentication units 722 a and 722 b.

[0557] Here, the input/output interface unit 720 corresponds to the inputting means of the present invention, the storage unit 721 corresponds to the storing means of the present invention, and the authentication units 722 a and 722 b correspond to the authenticating means of the present invention.

[0558] The input/output interface unit 720 inputs and outputs the information with the processing devices 715 a and 715 b.

[0559] The storage unit 721 is for example a magnetic strip or IC (integrated circuit).

[0560]FIG. 50 is a view for explaining the information stored in the storage unit. 721.

[0561] The storage unit 721, at the time of issuance of the authentication card 714, stores the user identification information ID allocated to the user 12 a, the password PWD determined by the user 12 a, the encrypted fingerprint information of the user 12 a, and the encrypted voice information of the user 12 a.

[0562] The authentication unit 722 a compares the fingerprint information detected from the user 12 a input from the processing device 715 a with the fingerprint information of the user 12 a read out from the storage unit 721 and outputs the result of the comparison to the processing device 715 a.

[0563] The authentication unit 722 b compares the voice information detected from the user 12 a input from the processing device 715 b with the voice information of the user 12 a read out from the storage unit 721 and outputs the result of the comparison to the processing device 715 b.

[0564] [Processing Device 715 a]

[0565] The processing device 715 a is built in for example the ATM of a bank or a personal computer.

[0566]FIG. 51 is a functional block diagram illustrating the processing device 715 a shown in FIG. 48.

[0567] As shown in FIG. 51, the processing device 715 a has for example the storage unit 731, a card access unit 732 a, the input unit 733, a bio-information detection unit 735 a, and a processing unit 736 a.

[0568] Here, the card access unit 732 a corresponds to the outputting means of the present invention, and the bio-information detection unit 735 a corresponds to the detecting means of the present invention.

[0569] The storage unit 731 is for example a hard disk drive or semiconductor memory.

[0570] The card access unit 732 a inputs and outputs the information with the authentication card 714.

[0571] The input unit 733 is used for inputting a password PWD by the user 12 a.

[0572] The bio-information detection unit 735 a detects the fingerprint information of the user 12 a.

[0573] The processing unit 736 a performs, for example, account debiting processing or transaction processing based on the result of authentication input from the authentication card 714.

[0574] [Processing Device 715 b]

[0575] The processing device 715 b is built in for example the ATM of a bank or a personal computer.

[0576]FIG. 52 is a functional block diagram illustrating the processing device 715 b shown in FIG. 48.

[0577] As shown in FIG. 52, the processing device 715 b has for example the storage unit 731, a card access unit 732 b, the input unit 733, a bio-information detection unit 735 b, and a processing unit 736 b.

[0578] The card access unit 732 b inputs and outputs the information with the authentication card 714.

[0579] The bio-information detection unit 735 b detects the voice information of the user 12 a.

[0580] The processing unit 736 b performs for example account debiting processing or transaction processing based on the result of authentication input from the authentication card 714.

[0581] Here, the storage unit 731 and the input unit 733 are the same as those shown in FIG. 51.

[0582] Below, an explanation will be made of an example of the operation of the authentication system 701.

[0583]FIG. 53 is a flow chart for explaining an example of the operation of the authentication system 701 shown in FIG. 48.

[0584] Below, an explanation will be made of a case where the user authenticates itself by using the processing device 715 a.

[0585] Step ST91:

[0586] The user 12 a places the authentication card 714 at a position where it can be read out by the card access unit 732 a of the processing device 715 a.

[0587] Step ST92:

[0588] The user 12 a operates the input unit 733 of the processing device 715 a to input the password PWD.

[0589] Step ST93:

[0590] The card access unit 732 a of the processing device 715 a reads out the user identification information ID and the password PWD from the storage unit 721 of the authentication card 714 and stores them in the storage unit 731. Then, it compares the read out password PWD and the password PWD input at step ST92 and, when they coincide, performs the following processing.

[0591] Step ST94:

[0592] The bio-information detection unit 735 a of the processing device 715 a detects the fingerprint information of the user 12 a.

[0593] Step ST95:

[0594] The fingerprint information of the user 12 a detected at step ST94 and the decoding key information are output from the input/output interface unit 720 of the processing device 715 a to the authentication card 714.

[0595] Step ST96:

[0596] The authentication unit 722 a of the authentication card 714 decodes the fingerprint information of the user 12 a read out from the storage unit 721 by using the decoding key information input at step ST95.

[0597] Step ST97:

[0598] The authentication unit 722 a compares the fingerprint information input at step ST95 and the fingerprint information decoded at step ST96 and authenticates the legitimacy of the user 12 a based on the result of the comparison. Then, it outputs the result of the authentication from the input/output interface unit 720 to the processing device 715 a.

[0599] Step ST98:

[0600] The processing unit 736 a of the processing device 715 a performs for example account debiting processing or transaction processing when the user 12 a is the legitimate user based on the result of authentication input at step ST97.

[0601] Note that the example of the operation of the case when the user 12 a authenticates itself by using the processing device 715 b is the same as the above example of the operation except for the points that the voice information of the user 12 a is detected at step ST94, the voice information of the user 12 a is transmitted at step ST95, and the authentication is carried out by comparing the voice information of the user 12 a at step ST97.

[0602] As explained above, according to the authentication system 701, the user 12 a can perform the authentication using the fingerprint information in the processing device 715 a and perform the authentication using the voice information in the processing device 715 b by using one authentication card 714.

[0603] Note that, in the present embodiment, for example, as shown in FIG. 54, after the processing of step ST91 explained in FIG. 53 is terminated, it is also possible if processing for deciding whether or not the bio-information is to be authenticated is carried out by the processing device (ST90), the processing of steps ST94 to ST98 shown in FIG. 53 is carried out when it is decided that the bio-information is to be authenticated, while the processing is terminated when it is decided that the bio-information is not to be authenticated.

[0604] The present invention is not limited to the above embodiments.

[0605] For example, in the embodiments, as the identification information stored in the module of the invention, the identification information of the user (user identification information) was exemplified, but it is also possible to use the module identification information for identifying the module.

INDUSTRIAL APPLICABILITY

[0606] As explained above, according to the present invention, an authentication method, authentication system, authentication apparatus, and authentication module capable of authenticating a user using bio-information with respect to a variety of users having different physical characteristics can be provided.

[0607] Also, according to the present invention, an authentication method, authentication system, authentication apparatus, and authentication module making it possible to authenticate a user by using a plurality of apparatuses provided with detecting means capable of detecting different bio-information can be provided.

LIST OF REFERENCES

[0608]1 . . . authentication system, 14 . . . authentication card, 15 . . . authentication apparatus, 20 . . . storage unit, 31 . . . storage unit, 32 . . . card access unit, 33 . . . input unit, 34 . . . bio-information type designation unit, 35 . . . bio-information detection unit, 36 . . . authentication unit,

[0609]91 . . . authentication system, 15 a, 15 b . . . authentication apparatus, 31 a, 31 b . . . storage unit, 32 a, 32 b . . . card access unit, 33 . . . input unit, 35 a, 35 b . . . bio-information detection unit, 36 a, 36 b . . . authentication unit,

[0610]101 . . . authentication system, 115 a, 115 b . . . authentication apparatus, 180 . . . server apparatus, 130 a, 130 b . . . communication interface unit, 131 a, 131 b . . . storage unit, 132 . . . card access unit, 133 . . . input unit, 135 a, 135 b . . . bio-information detection unit, 136 a, 136 b . . . authentication unit,

[0611]201 . . . authentication system, 214 a, 214 b . . . authentication card, 215 . . . processing device, 220 a, 220 b . . . input/output interface unit, 221 a, 221 b . . . storage unit, 222 a, 222 b . . . authentication unit, 231 . . . storage unit, 232 . . . card access unit, 233 . . . input unit, 235 a, 235 b . . . bio-information detection unit, 236 . . . processing unit,

[0612]301 . . . authentication system, 315 . . . processing device, 380 . . . server apparatus, 381 . . . network, 337 . . . communication interface unit, 331 . . . storage unit, 332 . . . card access unit, 333 . . . input unit, 335 a, 335 b . . . bio-information detection unit, 336 . . . processing unit,

[0613]401 . . . authentication system, 414 . . . authentication card, 415 a, 415 b . . . processing device, 420 . . . input/output interface unit, 421 . . . storage unit, 422 a, 422 b . . . authentication unit, 430 . . . input/output interface unit, 431 a, 431 b . . . storage unit, 432 a, 432 b . . . card access unit, 433 . . . input unit, 435 a, 435 b . . . bio-information detection unit, 436 a, 436 b . . . processing unit,

[0614]501 . . . authentication system, 515 a, 515 b . . . processing device, 580 . . . server device, 537 . . . communication interface unit, 531 . . . storage unit, 532 a, 532 b . . . card access unit, 533 . . . input unit, 535 a, 535 b . . . bio-information detection unit, 536 a, 536 b . . . processing unit,

[0615]601 . . . authentication system, 614 . . . authentication card, 615 a, 615 b . . . authentication apparatus, 620 . . . storage unit, 631 . . . storage unit, 632 a, 632 b . . . card access unit, 633 . . . input unit, 635 a, 635 b . . . bio-information detection unit, 636 a, 636 b . . . authentication unit,

[0616]701 . . . authentication system, 714 . . . authentication card, 715 a, 715 b . . . authentication apparatus, 720 . . . storage unit, 721 . . . storage unit, 722 a, 722 b . . . authentication unit, 731 . . . storage unit, 732 a, 732 b . . . card access unit, 733 . . . input unit, 735 a, 735 b . . . bio-information detection unit, 736 a, 736 b . . . authentication unit. 

1. An authentication method for authenticating a user by using an authentication module which is portable, wherein a controlling means reads out a designated type of bio-information from among a plurality of types of bio-information of said user stored in a storing means, a detecting means detects said designated type of bio-information from said user, and an authenticating means compares the bio-information read out from said storing means with the bio-information read out by said detecting means and authenticates the legitimacy of said user based on a result of the comparison.
 2. An authentication method as set forth in claim 1, wherein said bio-information is at least one information of fingerprint information, voice information, handwriting information, face contour information, iris information, retinal information, palm information, earlobe information, and vein pattern information.
 3. An authentication apparatus for authenticating a user by using an authentication module which is portable and stores identification information for identifying said user or said authentication module, comprising a storing means for storing a plurality of types of bio-information of said user linked with said identification information, a reading means for reading said identification information from said authentication module, a detecting means for detecting said designated type of bio-information from said user, and an authenticating means for reading from the storing means said designated type of bio-information among the bio-information corresponding to said identification information read out by said reading means, comparing the read out bio-information with the bio-information detected by said detecting means, and authenticating the legitimacy of said user based on the result of the comparison.
 4. An authentication apparatus as set forth in claim 3, further comprising a designating means for designating what type of bio-information to use for authentication of said user among said plurality of types of bio-information.
 5. An authentication method for authenticating a user by using an authentication module which is portable and stores identification information for identifying said user or said authentication module, and an authentication apparatus, wherein said authentication apparatus reads out said identification information from said authentication module, said authentication apparatus reads out said designated type of bio-information among the bio-information corresponding to said read out identification information from the storing means provided in the authentication apparatus, said authentication apparatus detects said designated type of bio-information from said user, and said authentication apparatus compares said read out bio-information with said detected bio-information and authenticates the legitimacy of said user based on the result of the comparison.
 6. An authentication system comprising at least two authentication apparatuses including a first authentication apparatus and a second authentication apparatus for authenticating a user using an authentication module which is portable and stores identification information for identifying said user or the authentication module, wherein said first authentication apparatus comprises a first storing means for storing a first type of bio-information of said user linked with said identification information, a first reading means for reading said identification information from said authentication module, a first detecting means for detecting said first type of bio-information from said user, and a first authenticating means for comparing the bio-information corresponding to said identification information read out by said first reading means with the bio-information detected by said first detecting means and authenticating the legitimacy of said user based on the result of the comparison, and said second authentication apparatus comprises a second storing means for storing a second type of bio-information of said user linked with said identification information, a second reading means for reading said identification information from said authentication module, a second detecting means for detecting said second type of bio-information from said user, and a second authenticating means for comparing the bio-information corresponding to said identification information read out by said second reading means with the bio-information detected by said second detecting means and authenticating the legitimacy of said user based on the result of the comparison.
 7. An authentication method for authenticating a user by using an authentication module which is portable and stores identification information for identifying said user or the authentication module, and at least two authentication apparatuses comprising a first authentication apparatus and a second authentication apparatus for authenticating said user, wherein said first authentication apparatus reads out said identification information from said authentication module, said first authentication apparatus detects said first type of bio-information from said user, said first authentication apparatus reads out the first type of bio-information corresponding to said read out identification information from the first storing means provided in the first authentication apparatus, said first authentication apparatus compares said read out first type of bio-information with said detected first type of bio-information and authenticates the legitimacy of said user based on the result of the comparison, said second authentication apparatus reads out said identification information from said authentication module, said second authentication apparatus detects said second type of bio-information from said user, said second authentication apparatus reads out the second type of bio-information corresponding to said read out identification information from the second storing means provided in the second authentication apparatus, and said second authentication apparatus compares said read out second type of bio-information with said detected second type of bio-information and authenticates the legitimacy of said user based on the result of the comparison.
 8. An authentication system comprising an authentication apparatus for authenticating a user by using an authentication module which is portable and stores identification information for identifying said user or the authentication module, and a server device for storing the bio-information of said user, wherein said server device stores a plurality of types of bio-information of said user linked with said identification information, and said authentication apparatus comprises a reading means for reading said identification information from said authentication module, a detecting means for detecting the type of bio-information used for authentication from said user, and an authenticating means for requesting the bio-information used for said authentication among the bio-information corresponding to said identification information read out by said reading means to said server device, receiving the bio-information from said server device in response to the request, comparing the bio-information received from the server device with the bio-information detected by said detecting means, and authenticating the legitimacy of said user based on the result of the comparison.
 9. An authentication method for authenticating a user by using an authentication apparatus for authenticating said user using an authentication module which is portable and stores the identification information for identifying said user or the authentication module, and a server device for storing the bio-information of said user, wherein said server device stores a plurality of types of bio-information of said user linked with said identification information, said authentication apparatus reads out said identification information from said authentication module, said authentication apparatus detects the type of the bio-information used for authentication from said user, said authentication apparatus requests the bio-information used for said authentication among the bio-information corresponding to said read out identification information to said server device, said server device transmits the bio-information used for said authentication to said authentication apparatus in response to said request, and said authentication apparatus compares the bio-information received from said server device with said detected bio-information and authenticates the legitimacy of said user based on the result of the comparison.
 10. An authentication system comprising a first authentication module and a second authentication module which are portable and used by a user, and a processing device for processing based on the result of the authentication of said user using said first authentication module and said second authentication module, wherein said first authentication module comprises a first storing means for storing first identification information for identifying said user or the first authentication module and a first authenticating means for comparing the first type of bio-information of said user detected by said processing device with said first type of bio-information corresponding to said first identification information stored in said first storing means, authenticating the legitimacy of said user based on the result of the comparison, and outputting the result of the authentication to said processing device, said second authentication module comprises a second storing means for storing second identification information for identifying said user or the second authentication module and a second authenticating means for comparing the second type of bio-information of said user detected by said processing device with said second type of bio-information corresponding to said second identification information stored in said second storing means, authenticating the legitimacy of said second user based on the result of the comparison, and outputting the result of the authentication to said processing device, said processing device comprises a storing means for storing said first type of bio-information of said user linked with said first identification information and storing said second type of bio-information of said user linked with said second identification information, a reading means for reading said first identification information from said first authentication module and said second identification information from said second authentication module, a first detecting means for detecting said first type of bio-information from said user, a second detecting means for detecting said second type of bio-information from said user, an outputting means for outputting to said first authentication module said first type of bio-information of said user stored in said storing means and said bio-information detected at said first detecting means and outputting to said second authentication module said second type of bio-information of said user and said bio-information detected at said second detecting means, and a processing means for processing based on results of the authentication input from said first authentication module and said second authentication module.
 11. An authentication method using a first authentication module and a second authentication module which are portable and used by a user, and a processing device for performing the processing based on the result of the authentication of said user using said first authentication module and said second authentication module, wherein, when said processing device authenticates said user by using said first authentication module, said processing device reads out first identification information for identifying the first authentication module or the user of the first authentication module from said first authentication module, said processing device reads out the first type of bio-information corresponding to said read out first identification information from the storing means provided in the processing device, said processing device detects said first type of bio-information from said user, said processing device outputs said read out first type of bio-information and said detected first type of bio-information to said first authentication module, said first authentication module compares said bio-information input from said processing device, authenticates the legitimacy of said user based on the result of the comparison, and outputs the result of the authentication to said processing device, and said processing device performs the processing based on the result of said authentication input from said first authentication module, while when said processing device authenticates said user by using said second authentication module, said processing device reads out from said second authentication module second identification information for identifying the second authentication module or the user of the second authentication module, said processing device reads out the second type of bio-information corresponding to said read out second identification information from the storing means provided in the processing device, said processing device detects said second type of bio-information from said user, said processing device outputs said read out second type of bio-information and said detected second type of bio-information to said second authentication module, said second authentication module compares said bio-information input from said processing device, authenticates the legitimacy of said user based on the result of the comparison, and outputs the result of the authentication to said processing device, and said processing device performs the processing based on the result of said authentication input from said second authentication module.
 12. An authentication system comprising a first authentication module and a second authentication module which are portable and used by a user, a server device for storing the bio-information of said user and having a processing device for performing the processing based on the result of the authentication of said user using said first authentication module and said second authentication module, wherein said first authentication module comprises a first storing means for storing first identification information for identifying said user or the first authentication module and a first authenticating means for comparing the first type of bio-information of said user detected by said processing device with said first type of bio-information input from said processing device, authenticating the legitimacy of said user based on the result of the comparison, and outputting the result of the authentication to said processing device, said second authentication module comprises a second storing means for storing second identification information for identifying said user or the second authentication module and a second authenticating means for comparing the second type of bio-information of said user detected by said processing device with said second type of bio-information input from said processing device, authenticating the legitimacy of said user based on the result of the comparison, and outputting the result of the authentication to said processing device, said server device stores said first type of bio-information of said user linked with said first identification information and stores said second type of bio-information of said user linked with said second identification information, and said processing device comprises a first reading means for reading said first identification information from said first authentication module and said second identification information from said second authentication module, a first detecting means for detecting said first type of bio-information from said user, a second detecting means for detecting said second type of bio-information from said user, an outputting means for outputting to said first authentication module said first type of bio-information of said user received from said server device and said bio-information detected by said first detecting means when said first authentication module is to be used, while outputting to said second authentication module said second type of bio-information of said user received from said server device and said bio-information detected by said second detecting means when said second authentication module is to be used, and a processing means for performing the processing based on the result of said authentication input from said first authentication module and said second authentication module.
 13. An authentication method using a first authentication module and a second authentication module which are portable and used by a user, a processing device for performing the processing based on the result of the authentication of said user using said first authentication module and said second authentication module and using a server device, wherein, when said processing device authenticates said user by using said first authentication module, said processing device reads out the first identification information for identifying the first authentication module or the user of the first authentication module from said first authentication module, said processing device requests said first type of bio-information corresponding to said first identification information to said server device, said server device transmits said first type of bio-information corresponding to said first identification information to said processing device in response to said request, said processing device detects said first type of bio-information from said user, said processing device outputs the first type of bio-information received from said server device and said detected first type of bio-information to said first authentication module, said first authentication module compares said bio-information input from said processing device, authenticates the legitimacy of said user based on the result of the comparison, and outputs the result of the authentication to said processing device, and said processing device performs the processing based on the result of said authentication input from said first authentication module, while when said first processing device authenticates said user by using said second authentication module, said processing device requests said second type of bio-information corresponding to said second identification information to said server device, said server device transmits said first type of bio-information corresponding to said second identification information to said processing device in response to said request, said processing device detects said second type of bio-information from said user, said processing device outputs said second type of bio-information received from said server device and said detected second type of bio-information to said second authentication module, said second authentication module compares said bio-information input from said processing device, authenticates the legitimacy of said user based on the result of the comparison, and outputs the result of the authentication to said processing device, and said processing device performs the processing based on the result of said authentication input from said second authentication module.
 14. An authentication system comprising an authentication module which is portable and used by a user and a plurality of processing devices including a first processing device and a second processing device for performing processing based on the result of authentication of said user using said authentication module, wherein said authentication module comprises a storing means for storing identification information for identifying said user or the authentication module and an authenticating means for comparing, when the authentication is carried out by using said first processing device, first type of bio-information of said user detected by said first processing device with said first type of bio-information corresponding to said identification information stored in said first processing device, authenticating the legitimacy of said user based on the result of the comparison, and outputting the result of the authentication to said first processing device, while comparing, when the authentication is carried out by using said second processing device, second type of bio-information of said user detected by said second processing device with said second type of bio-information corresponding to said identification information stored in said second processing device, authenticating the legitimacy of said user based on the result of the comparison, and outputting the result of the authentication to said second processing device, said first processing device comprises a first storing means for storing said first type of bio-information of said user linked with said identification information, a first reading means for reading said identification information from said authentication module, a first detecting means for detecting said first type of bio-information from said user, a first outputting means for outputting bio-information which is stored in said first storing means and corresponds to said identification information, and outputting said bio-information detected at said first detecting means to said authentication module, and a first processing means for performing the processing based on the result of said authentication input from said authentication module, and said second processing device comprises a second storing means for storing said second type of bio-information of said user linked with said identification information, a second reading means for reading said identification information from said authentication module, a second detecting means for detecting said second type of bio-information from said user, a second outputting means for outputting bio-information which is stored in said second storing means and corresponds to said identification information, and outputting said bio-information detected at said second detecting means to said authentication module, and a second processing means for performing the processing based on the result of said authentication input from said authentication module.
 15. An authentication method using an authentication module which is portable and used by a user and a plurality of processing devices comprising a first processing device and a second processing device for performing processing based on the result of authentication of said user using said authentication module, wherein, when carrying out the authentication by using said authentication module and said first processing apparatus, said first processing device reads out identification information for identifying said user or the authentication module from said authentication module, said first processing device reads out a first type of bio-information corresponding to said read out identification information from a first storing means provided in the first processing device, said first processing device detects said first type of bio-information from said user, said first processing device outputs said read out first type of bio-information and said detected first type of bio-information to said authentication module, said authentication module compares said bio-information input from said first processing device, authenticates the legitimacy of said user based on the result of the comparison, and outputs the result of the authentication to said first processing device, and said first processing device performs the processing based on the result of said authentication input from said authentication module, while when carrying out the authentication by using said authentication module and said second processing device, said second processing device reads out identification information for identifying said user or the authentication module from said authentication module, said second processing device reads out a second type of bio-information corresponding to said read out identification information from a second storing means provided in the second processing device, said second processing device detects said second type of bio-information from said user, said second processing device outputs said read out second type of bio-information and said detected second type of bio-information to said authentication module, said authentication module compares said bio-information input from said second processing device, authenticates the legitimacy of said user based on the result of the comparison, and outputs the result of the authentication to said second processing device, and said second processing device performs the processing based on the result of said authentication input from said authentication module.
 16. An authentication system comprising an authentication module which is portable and used by a user, a server device for storing bio-information of said user, and a plurality of processing devices including a first processing device and a second processing device for performing processing based on the result of authentication of said user using said authentication module, wherein said authentication module comprises a storing means for storing identification information for identifying said user or the authentication module and an authenticating means for comparing, when the authentication is carried out by using said first processing device, a first type of bio-information of said user detected by said first processing device with bio-information input from said first processing device, that is, said first type of bio-information corresponding to said identification information, authenticating the legitimacy of said user based on the result of the comparison, outputting the result of the authentication to said first processing device, while comparing, when the authentication is carried out by using said second processing device, a second type of bio-information of said user detected by said second processing device with bio-information input from said second processing device, that is, said second type of bio-information corresponding to said identification information, authenticating the legitimacy of said user based on the result of the comparison, and outputting the result of the authentication to said second processing device, said server device stores said first type of bio-information of said user linked with said first identification information and stores said second type of bio-information of said user linked with said second identification information, said first processing device comprises a first reading means for reading said identification information from said authentication module, a first detecting means for detecting said first type of bio-information from said user, a first outputting means for receiving said first type of bio-information of said user from said server device and outputting the bio-information received from the server device and said bio-information detected at said first detecting means to said authentication module, and a first processing means for performing the processing based on the result of said authentication input from said authentication module, and said second processing device comprises a second reading means for reading said identification information from said authentication module, a second detecting means for detecting said second type of bio-information from said user, a second outputting means for receiving said second type of bio-information of said user from said server device and outputting the bio-information received from the server device and said bio-information detected at said second detecting means to said authentication module, and a second processing means for performing the processing based on the result of said authentication input from said authentication module.
 17. An authentication method for authenticating a user by using an authentication module which is portable and used by a user, a plurality of processing devices comprising a first processing device and second processing device for performing processing based on the result of the authentication of said user using said authentication module and a server device for storing the bio-information of said user, wherein, when carrying out the authentication by using said authentication module and said first processing device, said first processing device reads out the identification information for identifying said user or the authentication module from said authentication module, said first processing device requests the first type of bio-information corresponding to said read out identification information to said server device, said server device transmits a first type of bio-information corresponding to said identification information to said first processing device, said first processing device detects said first type of bio-information from said user, said first processing device outputs said first type of bio-information received from said server device and said detected first type of bio-information to said authentication module, said authentication module compares said bio-information input from said first processing device, authenticates the legitimacy of said user based on the result of the comparison, and outputs the result of the authentication to said first processing device, and said first processing device performs the processing based on the result of said authentication input from said authentication module, while, when carrying out the authentication by using said authentication module and said second processing device, said second processing device reads out the identification information for identifying said user or the authentication module from said authentication module, said second processing device requests a second type of bio-information corresponding to said read out identification information to said server device, said server device transmits the second type of bio-information corresponding to said identification information to said second processing device, said second processing device detects said second type of bio-information from said user, said second processing device outputs said second type of bio-information received from said server device and said detected second type of bio-information to said authentication module, said authentication module compares said bio-information input from said second processing device, authenticates the legitimacy of said user based on the result of the comparison, and outputs the result of the authentication to said second processing device, and said second processing device performs the processing based on the result of said authentication input from said authentication module.
 18. An authentication apparatus for authenticating a user by using an authentication module which is portable and stores a plurality of bio-information of said user therein, comprising a detecting means for detecting bio-information corresponding to at least one type of said plurality of types from said user, a reading means for reading the bio-information corresponding to the type of said bio-information detected by said detecting means from said authentication module, and an authenticating means for comparing the bio-information detected by said detecting means and the bio-information read out by said reading means and authenticating the legitimacy of said user based on the result of the comparison.
 19. An authentication apparatus as set forth in claim 18, further having a decoding means for decoding said read out bio-information by using predetermined decoding key information when encrypted bio-information is stored in said authentication module.
 20. An authentication system comprising an authentication module which is portable and having an authentication apparatus for authenticating said user by using said authentication module, wherein said authentication module stores a plurality of types of bio-information, and said authentication apparatus comprises a detecting means for detecting the bio-information corresponding to at least one type of said plurality of types from said user, a reading means for reading the bio-information corresponding to the type of said bio-information detected by said detecting means from said authentication module, and an authenticating means for comparing the bio-information detected by said detecting means with the bio-information read out by said reading means and authenticating the legitimacy of said user based on the result of the comparison.
 21. An authentication method for authenticating a user by using an authentication module which is portable and stores a plurality of types of bio-information of said user therein, comprising the steps of: detecting the bio-information corresponding to at least one type of said plurality of types from said user; reading the bio-information corresponding to said detected type of bio-information from said authentication module; comparing said detected bio-information with said read out bio-information; and authenticating the legitimacy of said user based on the result of the comparison.
 22. An authentication system comprising an authentication module which is portable and a processing device, wherein said authentication module comprises a storing means for storing a plurality of types of bio-information, an inputting means for inputting the bio-information of said user from said processing device, and an authenticating means for reading the bio-information of the same type as said bio-information input by said inputting means from said storing mean, comparing the read out bio-information with said bio-information input from said inputting means, and authenticating the legitimacy of said user based on the result of the comparison, and said processing device comprises a detecting means for detecting the bio-information from said user and an outputting means for outputting said detected bio-information to said authentication module.
 23. An authentication system as set forth in claim 22, wherein said authentication module further has a decoding means for decoding said read out bio-information by using the predetermined decoding key information when encrypted bio-information is stored in said storing means.
 24. An authentication module which is portable and authenticates a user by inputting and outputting bio-information with the processing device, comprising a storing means for storing a plurality of types of bio-information, an inputting means for inputting the bio-information of said user from said processing device, and an authenticating means for reading the same type of bio-information as said bio-information input by said inputting means from said storing means, comparing the read out bio-information with said bio-information input from said inputting means, and authenticating the legitimacy of said user based on the result of the comparison.
 25. An authentication module as set forth in claim 24, further comprising an outputting means for outputting the result of said authentication to said processing device.
 26. An authentication method for authenticating a user by using an authentication module which is portable and a processing device, wherein said processing device detects the bio-information of said user, said processing device outputs said detected bio-information to said authentication module, said authentication module reads out the same type of bio-information as said bio-information input from said processing device from the storing means provided in the authentication module, and said authentication module compares said read out bio-information with said bio-information input from said processing device and authenticates the legitimacy of said user based on the result of the comparison. 